
You see this notification on the Trend Micro Home Network Security app:

"Unauthenticated Bluetooth Access Vulnerability"

Why did this happen?

A risk of exploitation was detected on your Bluetooth connection.

Bluetooth utilizes a device pairing mechanism based on elliptic-curve Diffie-Hellman (ECDH) key exchange to allow encrypted communication between devices. The Bluetooth firmware or operating system software drivers may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
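The missing check described above is public-key validation: before using a peer's key in ECDH, the receiver confirms that the point really lies on the agreed curve. The sketch below is an added example, not Trend Micro or vendor firmware code; it assumes the NIST P-256 curve and a 64-byte X || Y big-endian key encoding, and the function names are hypothetical.

```python
# Added example: validating a peer's ECDH public key before using it.
# Assumptions (not from the page): curve is NIST P-256, key is X || Y,
# 32 bytes each, big-endian. Function names are illustrative only.

# NIST P-256 domain parameters: y^2 = x^3 + A*x + B (mod P)
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
# Base point G, used here only as a known-good sample public key.
GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5


def is_on_curve(x: int, y: int) -> bool:
    """Return True only if (x, y) is a valid affine point on P-256."""
    # Coordinates must be canonical field elements. Silently reducing them
    # mod P would let an out-of-range encoding slip through.
    if not (0 <= x < P and 0 <= y < P):
        return False
    # The curve equation itself. P-256 has cofactor 1, so an on-curve
    # affine point needs no further subgroup check.
    return (y * y - (x * x * x + A * x + B)) % P == 0


def encode_public_key(x: int, y: int) -> bytes:
    """Encode a point as X || Y (assumed wire format for this example)."""
    return x.to_bytes(32, "big") + y.to_bytes(32, "big")


def parse_peer_public_key(raw: bytes) -> tuple[int, int]:
    """Decode and validate a received key; raise instead of continuing."""
    if len(raw) != 64:
        raise ValueError("public key must be exactly 64 bytes")
    x = int.from_bytes(raw[:32], "big")
    y = int.from_bytes(raw[32:], "big")
    if not is_on_curve(x, y):
        raise ValueError("peer public key is not on the curve; abort pairing")
    return x, y


if __name__ == "__main__":
    good = encode_public_key(GX, GY)      # constructed valid key
    bad = encode_public_key(GX, GY ^ 1)   # constructed key, one bit altered
    print("valid key accepted:", parse_peer_public_key(good) == (GX, GY))
    try:
        parse_peer_public_key(bad)
    except ValueError as err:
        print("altered key rejected:", err)
```

A device that skips this check goes on to derive a shared secret from a point the other side should never have been able to supply, which is the condition the notification warns about.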

What are its risks?

This vulnerability allows an attacker to intercept and decrypt messages, and/or to forge and inject malicious ones.

What should I do next?

  • Make sure your devices are updated to the latest firmware.
  • Disable Bluetooth if it is not needed.

What if I have more questions?

For more information, check out:
