"Bluetooth Flaw Exposes Countless Devices to BIAS Attacks"

Researchers discovered a new vulnerability in the Bluetooth wireless communication protocol that exposes a wide range of devices, such as smartphones, laptops, and smart-home devices, to the so-called Bluetooth Impersonation Attacks (BIAS).  The attack is made possible by the flaws in the Bluetooth Classics specification.  Any standard-compliant Bluetooth device can be expected to be vulnerable.  The researchers tested the security weakness on a variety of devices with different versions of the Bluetooth protocol.  The researchers conducted BIAS attacks on more than 28 unique Bluetooth chips.    They were able to test chips from Apple, Intel, Samsung, Cypress, CSR, and Qualcomm.  All the devices that were tested were vulnerable to the BIAS attack.  The researchers disclosed their findings to the industry in December 2019.  Some vendors might have implemented workarounds for the vulnerability on their devices.  If your device was updated after December 2019, then the flaw might be fixed.  If your device was not updated after December 2019, then it is likely still vulnerable to a BIAS attack.  

WeLiveSecurity reports: "Bluetooth Flaw Exposes Countless Devices to BIAS Attacks"