CISA is urging vendors to patch, given the release of public exploit code & a proof of concept tool for bugs that open billions of devices – phones, PCs, toys, etc. – to DoS & code execution.
The embargo period is over for a proof-of-concept (PoC) tool to test for the recently revealed BrakTooth flaws in Bluetooth devices, and the researchers who discovered them have released both the test kit and full exploit code for the bugs.
BrakTooth is a collection of flaws affecting commercial Bluetooth stacks on more than 1,400 chipsets used in billions of devices – including smartphones, PCs, toys, internet-of-things (IoT) devices and industrial equipment – that rely on Bluetooth Classic (BT) for communication.
On Thursday, CISA urged manufacturers, vendors and developers to patch or employ workarounds.