KNOB Bluetooth Vulnerability

Security researchers have disclosed details of a vulnerability, known as Key Negotiation of Buletooth (KNOB), in the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR, formally Bluetooth>encryption keys.

Threat ID:: CC-3182
Category:
Threat Severity:: Low
Threat Vector:
Published:: 15 August 2019 12:00 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Affected platforms

The following platforms are known to be affected:

Bluetooth

Bluetooth BR/EDR specification - Versions 5.1 and earlier

Threat details

They claim that an unauthenticated attacker within Bluetooth range could force other users to agree to use weakened encryption keys. In a standard Bluetooth BR/EDR encrypted connection, the two connecting devices must link and agree on the amount of entropy (between 1 and 16 bytes) to be used to generate the encryption key. If in agreement, the key is generated and the connection is established. With KNOB, it is possible for a third party to intercept their communications in order to reduce the agreed entropy. Encryption keys produced using lower entropy are more susceptible to brute-force attacks, which the third-party can take advantage of to retrieve the keys and perform man-in-the-middle attacks.

For further information:

Remediation steps

Type	Step
	The following Bluetooth BR/EDR implementers are confirmed to be affected, organisation are encouraged to apply the relevant patches immediately: Apple Blackberry Cisco Johnson Controls Lenovo Microsoft

Type

Step

The following Bluetooth BR/EDR implementers are confirmed to be affected, organisation are encouraged to apply the relevant patches immediately:

CVE Vulnerabilities

Status

CVE-2019-9506

Last edited: 14 February 2020 2:58 pm