Security firm ERNW said that attackers who are physically close enough can exploit an active Bluetooth connection on Android devices to run malicious code. Google has released a security update that closes the hole and stops attackers from running that code, but it will take a long time to reach all users of the affected devices. The vulnerability allows remote code execution without user interaction.
ERNW tracks the vulnerability as CVE-2020-0022, and it affects devices running Android Oreo (8.0 and 8.1) and Pie. For these devices, which between them account for nearly two-thirds of Android devices in use, Google rates the flaw as critical. ERNW, a German IT security provider, discovered the security hole and reported it to Google three months ago.
The bug could be exploited to steal users' personal data and to distribute malware. Attackers could also silently execute arbitrary code with the privileges of the Bluetooth daemon.
Exploiting the Bluetooth bug doesn't require any user interaction. The attacker only needs the Bluetooth MAC address of the target device, and unfortunately, for some devices, the Bluetooth MAC address can be worked out from the WiFi MAC address. The only good news is that the attacker needs to be in proximity of the phone or tablet, and it has to be in discoverable mode, so you should be more careful about activating Bluetooth in public places.
Android versions older than 8.0 were not tested, and it seems that the bug is much less problematic on Android 10. ERNW stopped short of describing the bug in detail or sharing proof-of-concept code because it is waiting for the fixes to reach end users. ERNW described the vulnerability as follows:
A remote attacker on devices running Android 8.0 to Pie can silently execute arbitrary code, within a limited range, as long as the user enables Bluetooth. No user interaction is required, and only the Bluetooth MAC address of the target devices has to be known. For some devices, the Bluetooth MAC address is often deduced from the WiFi MAC address. This vulnerability can cause the theft of private data and could potentially be used to spread malware (Short-Distance Worm).
The full details haven't been published yet, but the fix is included in the February 2020 security patch. If your phone or tablet has been updated to Android 10, then you are safe: the vulnerability does not affect that version beyond crashing Android's Bluetooth stack. If your device is still on Android 9 Pie or below, such as 8.0 or 8.1, there is no need to panic either, as finding the Bluetooth MAC address isn't as easy as it looks.
If you own a Google-branded smartphone like a Pixel, then you are lucky. Patching is not as fast as desired for many other Android device owners, who need to wait for their phone manufacturers or carriers to roll out the updates. Android said that it had notified all Android device makers of the issue at least a month ago, and that it will include the fix in its latest assortment of monthly security updates.
One way to reduce the risk is to make sure that your phone is in non-discoverable mode when Bluetooth is activated. Also, enable Bluetooth only when it is really necessary, and remember to turn it off after use.
The importance of receiving Android's monthly security updates can't be overstated. Google will deliver the fix for the CVE-2020-0022 vulnerability through its monthly updates.
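
To check whether a particular device already has the fix, compare its Android release and security patch level against what is stated above. The following shell script is an added example, not code from ERNW or Google; the function names are hypothetical, the sample values are constructed, and it assumes the device reports its patch level in the usual YYYY-MM-DD form through the ro.build.version.security_patch property read over adb.

```shell
#!/bin/sh
# Added example: classify a device using the facts this article states
# about CVE-2020-0022. Function names are hypothetical.

FIX_LEVEL=202002   # "February 2020 security patch", written as YYYYMM

# classify RELEASE PATCH_LEVEL
#   RELEASE      ro.build.version.release, e.g. "8.1.0", "9", "10"
#   PATCH_LEVEL  ro.build.version.security_patch, e.g. "2020-01-05"
classify() {
    release=$1
    patch=$2
    # Reject anything that is not YYYY-MM-DD (very old builds report nothing).
    case $patch in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "unknown: unparseable patch level"; return 0 ;;
    esac
    yyyymm=$(printf '%s' "$patch" | cut -c1-4,6-7)
    if [ "$yyyymm" -ge "$FIX_LEVEL" ]; then
        echo "patched"
        return 0
    fi
    major=${release%%.*}
    case $major in
        8|9) echo "vulnerable: code execution" ;;
        10)  echo "vulnerable: Bluetooth crash only" ;;
        ''|*[!0-9]*) echo "unknown: unparseable release" ;;
        [0-7]) echo "unknown: versions before 8.0 were not tested" ;;
        *)   echo "unknown: release not covered by the article" ;;
    esac
}

# Query a device attached over adb (needs Android platform-tools installed).
check_connected_device() {
    rel=$(adb shell getprop ro.build.version.release | tr -d '\r')
    lvl=$(adb shell getprop ro.build.version.security_patch | tr -d '\r')
    classify "$rel" "$lvl"
}

if [ "${1:-}" = "--adb" ]; then
    check_connected_device
else
    # Constructed sample values, not taken from real devices.
    for sample in "8.1.0 2019-12-01" "9 2020-02-05" "10 2020-01-01" "7.1.2 2018-06-01"; do
        # $sample is left unquoted on purpose so it splits into two arguments.
        printf '%-18s -> %s\n' "$sample" "$(classify $sample)"
    done
fi
```

Run it with --adb to classify a device connected over USB debugging; without arguments it only prints the results for the constructed samples.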