Last year, it was announced that Wi-Fi networks that use the WPA2 protocol had a vulnerability that allowed friends of others to access this type of network, a protocol that in theory was the most secure. Apple was quick to release an update so that all of its devices they will not be affected by this security problem.
Once again, a security problem has been detected that affects bluetooth connections, a vulnerability that Apple is already working on. This vulnerability, discovered by Intel, allows friends of others to gain access to the device by intercepting traffic and sending spoofed pairing messages between two devices affected by this vulnerability.
This vulnerability affects Apple, Broadcom, Intel and Qualcomm bluetooth connections and controllers, but not Microsoft's, according to the Redmond-based company. In the statement in which Intel announced this vulnerability we can read:
A vulnerability in Bluetooth pairing potentially allows an attacker in physical proximity (within 30 meters) to gain unauthorized access through an adjacent network, intercept traffic, and send spoofed pairing messages between two vulnerable Bluetooth devices.
As the guys from BleepingComputer explain to us, devices with bluetooth, they are not sufficiently validating the encryption parameters on secure bluetooth connections, causing a weak pairing that can be exploited by an attacker to gain access to data sent between two devices.
According to the Bluetooth Special Interest Group, who is in charge of the development of this technology, not many users are likely to be affected Due to this vulnerability, Apple is still working to launch a patch to solve this problem. This vulnerability affects both bluetooth devices and bluetooth LE (low power) devices.