Virtually all Bluetooth devices are vulnerable to a newly discovered attack


A newly discovered exploit makes it possible to hijack the connection between almost all Bluetooth devices from the past decade. The attacker then takes over the connection to an existing device.

The man-in-the-middle attack works by forcing the device to use weaker encryption, which is then easy to crack. This is according to a paper by Daniele Antonioli of Eurecom. The Bluetooth SIG acknowledges the security problem and recommends that device makers no longer allow connections with the weaker encryption. The security problem affects all Bluetooth versions from 4.2 to the latest 5.4 and lies in the architecture. As a result, there is no real fix.

The exploit requires an attacker to be within range of two devices that are connecting or already connected to each other. By spoofing one of those devices and forcing weaker encryption, the attacker can take over the connection. The vulnerability is tracked as CVE-2023-24023.

The researcher recommends, among other things, that devices always use Secure Connections where possible, a Bluetooth feature that provides better security when establishing the connection. At present, devices fall back too quickly to other connection methods that enable the attack. There appears to be nothing users can do themselves to prevent attacks.
