An attacker within bluetooth transmission range can exploit a flaw in the Linux kernels implementation of bluetooth specification. A system with dual-mode "LE and BR/EDR is able to overwrite the key used and switch between the modes using the modified key. This flaw could allow an attacker to use a bluetooth service unauthenticated or possibly man in the middle an existing bluetooth connected session between devices.

Source link

You must be logged in to post a comment.