BluetoothIconXA newly discovered Bluetooth vulnerability that was published this week by Intel has the potential to allow a nearby hacker to gain unauthorized access to a device, intercepting traffic and sending forged pairing messages between two vulnerable Bluetooth devices.

The vulnerability affects Bluetooth implementations and operating system drivers of Apple, Broadcom, Intel, and Qualcomm.

From Intel's explanation:

A vulnerability in Bluetooth(R) pairing potentially allows an attacker with physical proximity (within 30 meters) to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth(R) devices. This may result in information disclosure, elevation of privilege and/or denial of service.

As BleepingComputer explains, Bluetooth-capable devices are not sufficiently validating encryption parameters in "secure" Bluetooth connections, leading to a weak pairing that can be exploited by an attacker to obtain data sent between two devices.

According to the Bluetooth Special Interest Group (SIG) it's not likely many users were impacted by the vulnerability.

For an attack to be successful, an attacking device would need to be within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure. The attacking device would need to intercept the public key exchange by blocking each transmission, sending an acknowledgment to the sending device, and then injecting the malicious packet to the receiving device within a narrow time window. If only one device had the vulnerability, the attack would not be successful.

Both Bluetooth and Bluetooth LE are affected. Apple has already introduced a fix for the bug on its devices (in macOS High Sierra 10.13.5/10.13.6, iOS 11.4, tvOS 11.4, and watchOS 4.3.1), so iOS and Mac users do not need to worry. Intel, Broadcom, and Qualcomm have also introduced fixes, while Microsoft says its devices are not affected.

Tag: Bluetooth

Top Rated Comments

Fall Under Cerulean Kites Avatar
Fall Under Cerulean Kites
88 months ago
This may result in information disclosure, elevation of privilege and/or denial of service.
Bluetooth pairing is so poor as it is, how would one even recognize they were being DoS’d?
Score: 10 Votes (Like | Disagree)
macintoshmac Avatar
macintoshmac
88 months ago
Why are Microsoft devices not affected? :oops:
Score: 4 Votes (Like | Disagree)
macduke Avatar
macduke
88 months ago
Why are Microsoft devices not affected? :oops:
Security through obscurity.
Score: 4 Votes (Like | Disagree)
Cougarcat Avatar
Cougarcat
88 months ago
Only High Sierra? Did the Sierra security update fix this?
Score: 3 Votes (Like | Disagree)
m0sher Avatar
m0sher
88 months ago
I’m just impressed by the time we hear the news, it’s already been fixed. Good job. :)
Score: 3 Votes (Like | Disagree)
fairuz Avatar
fairuz
88 months ago
Yo, maybe we can exploit this instead of fixing it. That way I can finally forcibly auto-pair my stuff instead of going through the painful pairing process manually!

Jokes aside, this is yet another reason I keep Bluetooth disabled forever (the other big one being that it's a PitA). It's like Adobe Flash, a new vulnerability every few months.
[doublepost=1532463234][/doublepost]
Only High Sierra? Did the Sierra security update fix this?
HS, Sierra, and El Cap are patched: https://support.apple.com/en-us/HT208937
Edit: Not actually sure cause the Bluetooth subsection says something different.
Score: 2 Votes (Like | Disagree)
Read All Comments

Popular Stories

iphone 16 display

iPhone 17's Scratch Resistant Anti-Reflective Display Coating Canceled

Monday April 28, 2025 12:48 pm PDT by
Apple may have canceled the super scratch resistant anti-reflective display coating that it planned to use for the iPhone 17 Pro models, according to a source with reliable information that spoke to MacRumors. Last spring, Weibo leaker Instant Digital suggested Apple was working on a new anti-reflective display layer that was more scratch resistant than the Ceramic Shield. We haven't heard...
Read Full Article113 comments
iPhone 17 Air Pastel Feature

iPhone 17 Reaches Key Milestone Ahead of Mass Production

Monday April 28, 2025 8:44 am PDT by
Apple has completed Engineering Validation Testing (EVT) for at least one iPhone 17 model, according to a paywalled preview of an upcoming DigiTimes report. iPhone 17 Air mockup based on rumored design The EVT stage involves Apple testing iPhone 17 prototypes to ensure the hardware works as expected. There are still DVT (Design Validation Test) and PVT (Production Validation Test) stages to...
Read Full Article27 comments
Beyond iPhone 13 Better Blue

20th Anniversary iPhone Likely to Be Made in China Due to 'Extraordinarily Complex' Design

Monday April 28, 2025 4:29 am PDT by
Apple will likely manufacture its 20th anniversary iPhone models in China, despite broader efforts to shift production to India, according to Bloomberg's Mark Gurman. In 2027, Apple is planning a "major shake-up" for the iPhone lineup to mark two decades since the original model launched. Gurman's previous reporting indicates the company will introduce a foldable iPhone alongside a "bold"...
Read Full Article123 comments
iphone 17 air iphone 16 pro

iPhone 17 Air USB-C Port May Have This Unusual Design Quirk

Wednesday April 30, 2025 3:59 am PDT by
Apple is preparing to launch a dramatically thinner iPhone this September, and if recent leaks are anything to go by, the so-called iPhone 17 Air could boast one of the most radical design shifts in recent years. iPhone 17 Air dummy model alongside iPhone 16 Pro (credit: AppleTrack) At just 5.5mm thick (excluding a slightly raised camera bump), the 6.6-inch iPhone 17 Air is expected to become ...
Read Full Article139 comments
apple watch ultra yellow

What's Next for the Apple Watch Ultra 3 and Apple Watch SE 3

Friday April 25, 2025 2:44 pm PDT by
This week marks the 10th anniversary of the Apple Watch, which launched on April 24, 2015. Yesterday, we recapped features rumored for the Apple Watch Series 11, but since 2015, the Apple Watch has also branched out into the Apple Watch Ultra and the Apple Watch SE, so we thought we'd take a look at what's next for those product lines, too. 2025 Apple Watch Ultra 3 Apple didn't update the...
Read Full Article65 comments
iPhone 17 Pro Blue Feature Tighter Crop

iPhone 17 Pro Launching Later This Year With These 13 New Features

Wednesday April 23, 2025 8:31 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models as of April 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone ...
Read Full Article
iPhone 17 Pro on Desk Feature

All iPhone 17 Models Again Rumored to Feature 12GB of RAM

Tuesday April 29, 2025 3:36 am PDT by
All upcoming iPhone 17 models will come equipped with 12GB of RAM to support Apple Intelligence, according to the Weibo-based leaker Digital Chat Station. The claim from the Chinese leaker, who has sources within Apple's supply chain, comes a few days after industry analyst Ming-Chi Kuo said that the iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max will all be equipped with 12GB of RAM. ...
Read Full Article83 comments
AirPods Pro 3 Mock Feature

AirPods Pro 3 Just Months Away – Here's What We Know

Tuesday April 29, 2025 1:30 am PDT by
Despite being more than two years old, Apple's AirPods Pro 2 still dominate the premium wireless‑earbud space, thanks to a potent mix of top‑tier audio, class‑leading noise cancellation, and Apple's habit of delivering major new features through software updates. With AirPods Pro 3 widely expected to arrive in 2025, prospective buyers now face a familiar dilemma: snap up the proven...
Read Full Article102 comments