From the Blog

Android Bluetooth Critical RCE Flaw

A recent vulnerability was found by researchers from a German security firm. Fixes are available via the Android February 2020 Security Bulletin. The bug is identified as CVE-2020-002; when exploited can result in remote-code-execution without any user interaction with elevated privileges.

exc-5e41210d120d25193d9d6db1

A recent vulnerability was found by researchers from a German security firm. Fixes are available via the Android February 2020 Security Bulletin. The bug is identified as CVE-2020-002; when exploited can result in remote-code-execution without any user interaction with elevated privileges.

The bug is found in the Bluetooth daemon when the Bluetooth module is active. This security fault can spread malware like a worm from short distances due to Bluetooth’s range of connection.

The versions of Android affected by this vulnerability take up to two-thirds of Android devices with the exception that Bluetooth is enabled. The version affected are Android Pie (9.0) and Android Oreo (8.0, 8.1). Only within Bluetooth proximity is it possible to exploit this vulnerability without user knowledge. The only reconnaissance necessary is to grab the Bluetooth’s MAC address of the target device in order to conduct the attack.

The same vulnerability is found in Android 10.0; however, the CVE is rated at ‘moderate’ because it does not trigger an RCE but does trigger a denial-of-service (DoS). Other older versions before 8.0 could potentially be vulnerable although researchers have not tested the impact.

Share on facebook
Facebook
Share on google
Google+
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on pinterest
Pinterest
Scroll to Top

Covid-19 Update

We Remain Open

At this present time we have taken all the relevant measures to ensure our team are safe. Until further notice all our “onsite” engagements will either be postponed or performed remotely via VPN or one of our appliances.

Please bear with us if we need to reschedule some of your work. As a collective, we are also volunteering our time to support the elderly and assist essential services.

Thank you for your patience and understanding.

Peter
CEO & Founder