Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks.

Researchers at the french intelligence agency ANSSI discovered multiple flaws in the Bluetooth Core and Mesh Profile specifications that could be used to impersonate legitimate devices during the pairing process and conduct man-in-the-middle (MitM) attacks while within wireless range of vulnerable devices.

All the devices supporting Bluetooth Core and Mesh specifications are affected by the above issues and are vulnerable to impersonation attacks and AuthValue disclosure.

Researchers identified a vulnerability affecting the Passkey authentication in BR/EDR Secure Simple Pairing in Bluetooth Core Specifications 2.1 through 5.2, BR/EDR Secure Connections Pairing in Bluetooth Core Specifications 4.1 through 5.2 and LE Secure Connections Pairing in Bluetooth Core Specifications 4.2 through 5.2. The experts discovered that attackers in a MITM position were able to use a crafted series of responses to determine each bit of the randomly generated Passkey selected by the pairing initiator in each round of the pairing procedure. Once the bits composing the Passkey were identified during the same pairing session an attack could complete the authenticated pairing process with the responder.

“After successful completion of the authentication procedure, the responder will be authenticated to the attacker rather than the initiator, permitting the attacker to act in the role of an encrypted and authenticated peer. The attacker does not succeed in pairing with the initiator by this method, preventing a fully transparent MITM attack on the pairing procedure between the initiator and responder.” reads the advisory published by the Bluetooth SIG.

“For this attack to be successful, an attacking device needs to be within wireless range of two vulnerable Bluetooth devices initiating pairing or bonding where a BR/EDR IO Capabilities exchange or LE IO Capability in the pairing request and response results in the selection of the Passkey pairing procedure.”

The Bluetooth Special Interest Group (SIG) published security notices about the flaws, below the full list of the issues:

Bluetooth Mesh Profile AuthValue leak05/24/2021SIG Security NoticeMesh Profile Spec, v1.0 to v1.0.1CVE-2020-26559
Malleable commitment in Bluetooth Mesh Profile provisioning05/24/2021SIG Security NoticeMesh Profile Spec, v1.0 to v1.0.1CVE-2020-26556
Predictable Authvalue in Bluetooth Mesh Profile provisioning leads to MITM05/24/2021SIG Security NoticeMesh Profile Spec, v1.0 to v1.0.1CVE-2020-26557
Impersonation attack in Bluetooth Mesh Profile provisioning05/24/2021SIG Security NoticeMesh Profile Spec, v1.0 to v1.0.1CVE-2020-26560
Impersonation in the BR/EDR pin-pairing protocol05/24/2021SIG Security NoticeCore Spec, v1.0B to 5.2CVE-2020-26555
Authentication of the Bluetooth LE legacy-pairing protocol05/24/2021SIG Security NoticeCore Spec, v4.0 to 5.2N/A
Impersonation in the Passkey entry protocol05/24/2021SIG Security NoticeCore Spec, v2.1 to 5.2CVE-2020-26558

The Carnegie Mellon CERT Coordination Center (CERT/CC) also published an advisory that includes the list of the impacted vendors, such as Cisco, Microchip, Red Hat, Intel, and Android.

[출처 : SecurityAffairs / 5.24.]