A new Bluetooth vulnerability named “KNOB” has been discovered that allows hackers to easily breach the encryption key of paired Bluetooth devices. Once the attackers successfully brute-force the encryption, they can manipulate the data or traffic being transferred between the paired devices.
The KNOB flaw
A coordinated disclosure was made between the Center for IT-Security, Privacy, and Accountability (CISPA) and ICASI members (Microsoft, Apple, Intel, Cisco, and Amazon) about the KNOB flaw, which affects Bluetooth BR/EDR devices using versions 1.0-5.1. The KNOB flaw has been assigned CVE-2019-9506; it allows an attacker to reduce the length of the encryption key so that the key can be brute-forced. The encryption key is used during the pairing of two Bluetooth-enabled devices to establish a secure connection.
The researchers within the disclosure said:
“The researchers identified that it is possible for an attacking device to interfere with the procedure used to set up encryption on a BR/EDR connection between two devices in such a way as to reduce the length of the encryption key used,”
The disclosure further added that:
“For an attack to be successful, an attacking device would need to be within wireless range of two vulnerable Bluetooth devices that were establishing a BR/EDR connection. If one of the devices did not have the vulnerability, then the attack would not be successful.”
Possible Impact Of The KNOB Flaw
If both Bluetooth devices have the vulnerability, then the attacker can shorten the length of the encryption key. This in turn allows the attacker to easily brute-force and crack the key completely. Once done, the attacker can silently monitor and manipulate the traffic and data being transferred between the two paired Bluetooth devices. Thus, the attacker can use it to record keystrokes, inject malicious commands and drop other potential threats.
The Bluetooth Core specification has already been updated to set the minimum encryption key length for BR/EDR connections to 7 octets. Thus, users need to install the latest updates to their Bluetooth-enabled devices from their respective device update sections.
Also, Microsoft has released an update for the issue, titled “CVE-2019-9506 | Encryption Key Negotiation of Bluetooth Vulnerability.” Installing the latest updates will patch the KNOB flaw by enforcing a minimum 7-octet encryption key for BR/EDR connections.
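The 7-octet minimum described above can also be checked on the host side by reading the key size the controller reports for each encrypted link. The following is an added example, not code from the disclosure or from any vendor patch: it parses the Bluetooth HCI Command Complete event returned for HCI_Read_Encryption_Key_Size (opcode 0x1408), and the function names and sample events are constructed for illustration.

```python
import struct

MIN_KEY_OCTETS = 7             # minimum BR/EDR key length cited in the article
MAX_KEY_OCTETS = 16            # largest BR/EDR encryption key size
EVT_COMMAND_COMPLETE = 0x0E    # HCI event code (Bluetooth Core spec)
OP_READ_ENC_KEY_SIZE = 0x1408  # HCI_Read_Encryption_Key_Size (OGF 0x05, OCF 0x0008)


def parse_key_size_event(event: bytes):
    """Return (handle, key_size) from a Command Complete event, or None
    if the event is not a successful Read Encryption Key Size reply."""
    if len(event) < 2 or event[0] != EVT_COMMAND_COMPLETE:
        return None
    params = event[2:2 + event[1]]
    # Num_HCI_Command_Packets(1) Opcode(2) Status(1) Handle(2) Key_Size(1)
    if len(params) != 7:
        return None
    _ncmd, opcode, status, handle, key_size = struct.unpack("<BHBHB", params)
    if opcode != OP_READ_ENC_KEY_SIZE or status != 0x00:
        return None
    return handle & 0x0FFF, key_size


def audit(events):
    """Classify each link: 'reject' below the minimum, else 'ok'.
    Events that cannot be parsed are reported as 'unknown' so a failed
    read is never mistaken for a safe link."""
    report = []
    for raw in events:
        parsed = parse_key_size_event(raw)
        if parsed is None:
            report.append((None, None, "unknown"))
            continue
        handle, size = parsed
        verdict = "ok" if MIN_KEY_OCTETS <= size <= MAX_KEY_OCTETS else "reject"
        report.append((handle, size, verdict))
    return report


# Constructed sample events (not captured from real devices).
SAMPLE_EVENTS = [
    bytes.fromhex("0e07010814000b0010"),  # handle 0x000b, 16-octet key
    bytes.fromhex("0e07010814000c0001"),  # handle 0x000c, 1-octet key
    bytes.fromhex("0e07010814000d0007"),  # handle 0x000d, 7-octet key
    bytes.fromhex("0e07010814020e0000"),  # status 0x02: read failed
]

if __name__ == "__main__":
    for handle, size, verdict in audit(SAMPLE_EVENTS):
        print(handle, size, verdict)
```

A link reported as "reject" or "unknown" should be dropped or re-established rather than trusted, since the host cannot confirm it meets the 7-octet minimum.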