CVE-2026-8676
Bluetooth SIG · Bluetooth LE
A security flaw in Bluetooth LE allows attackers to downgrade connection security by spoofing bonded devices.
Executive summary
A critical security downgrade vulnerability in Bluetooth LE implementations allows attackers to bypass authentication by spoofing bonded devices.
Vulnerability
An attacker can downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the previously bonded device, and establishing a new, weaker bond in its place. The attack requires the attacker to be within Bluetooth radio range of the target and exploits the trust relationship inherent in the bonding process.
Business impact
This vulnerability enables an attacker to intercept or manipulate data transmitted over Bluetooth LE, potentially leading to unauthorized access to connected peripherals or sensitive information. With a CVSS score of 8.8, the threat to local device security is severe, necessitating prompt action in environments relying on wireless connectivity.
Remediation
Immediate Action: Update firmware on all Bluetooth-enabled devices to the latest vendor-supplied versions to address the bonding security flaw.
Proactive Monitoring: Monitor for unexpected Bluetooth pairing requests or unusual connection drops in environments with sensitive wireless devices.
Compensating Controls: Disable Bluetooth functionality on devices where it is not strictly required for business operations to reduce the attack surface.
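One defender-side check for the pattern described above (a bond removed, then a pairing request and a fresh bond from the same peer address shortly afterwards), as an added example that is not part of the advisory and not code from any vendor's Bluetooth stack. The log format, event names and addresses are constructed for the example; a real deployment would adapt the parser to the host stack's own pairing and bonding events.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log in a hypothetical host-stack format (not any real
# stack's output): "<ISO timestamp> <event> addr=<peer address>".
# Lines are deliberately not in time order to exercise the sort below.
SAMPLE_LOG = """\
2026-03-01T09:00:00 bond_removed addr=AA:BB:CC:DD:EE:01
2026-03-01T09:00:04 pairing_request addr=AA:BB:CC:DD:EE:01
2026-03-01T09:00:06 bond_created addr=AA:BB:CC:DD:EE:01
2026-03-01T10:15:00 bond_removed addr=AA:BB:CC:DD:EE:02
2026-03-02T08:00:00 pairing_request addr=AA:BB:CC:DD:EE:02
2026-03-02T08:00:03 bond_created addr=AA:BB:CC:DD:EE:02
2026-03-01T11:00:00 pairing_request addr=AA:BB:CC:DD:EE:03
2026-03-01T11:00:02 bond_created addr=AA:BB:CC:DD:EE:03
"""

LINE_RE = re.compile(r"^(\S+) (\w+) addr=([0-9A-F:]{17})$")


def parse_events(text):
    """Parse log lines into (timestamp, event, address) tuples, oldest first."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append((datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)))
    return sorted(events)


def find_rebond_sequences(text, window=timedelta(minutes=5)):
    """Return (addr, removed_at, rebonded_at) for peers whose bond was removed
    and then re-created via a new pairing request within `window`.
    A first-time pairing (no prior bond removal) is not flagged."""
    last_removed = {}      # addr -> time the bond was deleted
    pending = set()        # addrs that sent a pairing request after a removal
    suspicious = []
    for ts, event, addr in parse_events(text):
        if event == "bond_removed":
            last_removed[addr] = ts
            pending.discard(addr)
        elif event == "pairing_request" and addr in last_removed:
            pending.add(addr)
        elif event == "bond_created" and addr in pending:
            if ts - last_removed[addr] <= window:
                suspicious.append((addr, last_removed[addr], ts))
            pending.discard(addr)
    return suspicious
```

The window is a tuning knob: a legitimate re-pairing by a user usually takes longer and is preceded by a deliberate "forget device" action, so short removal-to-rebond gaps are the ones worth reviewing.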
Exploitation status
Public Exploit Available: false
Analyst recommendation
Security teams must prioritize firmware updates for all Bluetooth-enabled hardware. Given the proximity requirement for exploitation, focus remediation efforts on high-value devices and those located in publicly accessible or high-traffic areas.