BluetoothIconXA newly discovered Bluetooth vulnerability that was published this week by Intel has the potential to allow a nearby hacker to gain unauthorized access to a device, intercepting traffic and sending forged pairing messages between two vulnerable Bluetooth devices.

The vulnerability affects Bluetooth implementations and operating system drivers of Apple, Broadcom, Intel, and Qualcomm.

From Intel's explanation:

A vulnerability in Bluetooth(R) pairing potentially allows an attacker with physical proximity (within 30 meters) to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth(R) devices. This may result in information disclosure, elevation of privilege and/or denial of service.

As BleepingComputer explains, Bluetooth-capable devices are not sufficiently validating encryption parameters in "secure" Bluetooth connections, leading to a weak pairing that can be exploited by an attacker to obtain data sent between two devices.

According to the Bluetooth Special Interest Group (SIG) it's not likely many users were impacted by the vulnerability.

For an attack to be successful, an attacking device would need to be within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure. The attacking device would need to intercept the public key exchange by blocking each transmission, sending an acknowledgment to the sending device, and then injecting the malicious packet to the receiving device within a narrow time window. If only one device had the vulnerability, the attack would not be successful.

Both Bluetooth and Bluetooth LE are affected. Apple has already introduced a fix for the bug on its devices (in macOS High Sierra 10.13.5/10.13.6, iOS 11.4, tvOS 11.4, and watchOS 4.3.1), so iOS and Mac users do not need to worry. Intel, Broadcom, and Qualcomm have also introduced fixes, while Microsoft says its devices are not affected.

Tag: Bluetooth

Top Rated Comments

Fall Under Cerulean Kites Avatar
Fall Under Cerulean Kites
98 months ago
This may result in information disclosure, elevation of privilege and/or denial of service.
Bluetooth pairing is so poor as it is, how would one even recognize they were being DoS’d?
Score: 10 Votes (Like | Disagree)
macintoshmac Avatar
macintoshmac
98 months ago
Why are Microsoft devices not affected? :oops:
Score: 4 Votes (Like | Disagree)
macduke Avatar
macduke
98 months ago
Why are Microsoft devices not affected? :oops:
Security through obscurity.
Score: 4 Votes (Like | Disagree)
Cougarcat Avatar
Cougarcat
98 months ago
Only High Sierra? Did the Sierra security update fix this?
Score: 3 Votes (Like | Disagree)
m0sher Avatar
m0sher
98 months ago
I’m just impressed by the time we hear the news, it’s already been fixed. Good job. :)
Score: 3 Votes (Like | Disagree)
fairuz Avatar
fairuz
98 months ago
Yo, maybe we can exploit this instead of fixing it. That way I can finally forcibly auto-pair my stuff instead of going through the painful pairing process manually!

Jokes aside, this is yet another reason I keep Bluetooth disabled forever (the other big one being that it's a PitA). It's like Adobe Flash, a new vulnerability every few months.
[doublepost=1532463234][/doublepost]
Only High Sierra? Did the Sierra security update fix this?
HS, Sierra, and El Cap are patched: https://support.apple.com/en-us/HT208937
Edit: Not actually sure cause the Bluetooth subsection says something different.
Score: 2 Votes (Like | Disagree)
Read All Comments

Popular Stories

Apple Creator Studio

Apple Introduces New 'Creator Studio' Bundle of Apps for $129 Per Year

Tuesday January 13, 2026 6:11 am PST by
Apple today introduced a new Apple Creator Studio bundle that offers access to six creative apps, as well as exclusive AI features and content, as part of a single subscription. In the U.S., pricing is set at $12.99 per month or $129 per year. Here are the six apps included with an Apple Creator Studio subscription:Final Cut Pro on the Mac and iPad Logic Pro on the Mac and iPad Pixelmator...
Read Full Article407 comments
Verizon New

Verizon is Down: iPhones Show 'SOS' Mode Due to Network Outage [Resolved]

Wednesday January 14, 2026 10:18 am PST by
Verizon is experiencing a major outage across the U.S. today, with hundreds of thousands of customers reporting issues with the network on the website Downdetector. There are also complaints across Reddit and other social media platforms. iPhone users and others with Verizon service are generally unable to make phone calls, send text messages, or use data over 5G or LTE due to the outage....
Read Full Article142 comments
iPhone Top Left Hole Punch Face ID Feature Purple

New Leak Reveals iPhone 18 Pro Display Sizes, Under-Screen Face ID, and More

Wednesday January 14, 2026 7:09 am PST by
While the iPhone 18 Pro models are still around eight months away, a leaker has shared some alleged details about the devices. In a post on Chinese social media platform Weibo this week, the account Digital Chat Station said the iPhone 18 Pro and iPhone 18 Pro Max will have the same 6.3-inch and 6.9-inch display sizes as the iPhone 17 Pro and iPhone 17 Pro Max. Consistent with previous...
Read Full Article59 comments
iOS 26

Here's What's New in iOS 26.3 So Far

Monday January 12, 2026 1:15 pm PST by
Apple today seeded the second beta of iOS 26.3, nearly a month after the first beta. So far, the update includes a couple of new features for iPhones. iOS 15.3 through iOS 18.3 were all released in late January over the years, so it is thereby likely that iOS 26.3 will be released towards the end of this month as well. The update is compatible with the iPhone 11 series and newer. Below,...
Read Full Article47 comments
airpods pro 3 design

Apple Releases New AirPods Pro 3 Firmware Update

Tuesday January 13, 2026 11:29 am PST by
Apple today released a firmware update for the AirPods Pro 3. The latest firmware has a version number of 8B34, up from the previous version 8B30. Apple has a support document for AirPods firmware updates, and it indicates that the 8B34 update contains unspecified "bug fixes and other improvements." No other AirPods models received firmware updates today. How to install AirPods Pro...
Read Full Article55 comments