Researchers have uncovered a new vulnerability in Bluetooth called Key Negotiation of Bluetooth (KNOB), which allows attackers to spy on encrypted communications and data sent between two devices.

The vulnerability threatens the safety and privacy of more than a billion Bluetooth-enabled devices, including smartphones, laptops, IoT devices and industrial devices, according to the Arab Technology News portal.

The vulnerability, CVE-2019-9506, allows attackers to force a weaker encryption key during pairing, making it easier to monitor or manipulate data transferred between two paired devices.

The vulnerability was revealed by the Center for Information Technology Security, Privacy and Accountability (CISPA) and the Industry Federation for the Advancement of Internet Security (ICASI).

The vulnerability affects Bluetooth BR/EDR devices, known as Bluetooth Classic, using specification versions 1.0 through 5.1.

Bluetooth BR/EDR is a wireless technology standard typically used for short-range, continuous wireless communication, such as streaming audio to headphones or portable speakers.

The vulnerability allows the attacker to reduce the length of the encryption key used to establish a connection, which makes it possible to intercept, monitor, or manipulate encrypted Bluetooth traffic between two paired devices.

The researchers explained that exploiting this vulnerability is not easy because it requires specific conditions to hold:

Both devices must be Bluetooth BR/EDR devices.
The attacker must be within range of the devices while they establish a connection.
The attacker must be able to block direct transmission between the devices during pairing.
The attacker must be able to intercept, manipulate, and retransmit the key length message between the two devices.
This must be done in a tight time frame.
The encryption key must be shortened successfully.
The attacker needs to repeat this attack every time the devices are paired.

Bluetooth SIG has updated the Bluetooth Core Specification to resolve this security problem by recommending a minimum BR/EDR encryption key length.

Bluetooth SIG strongly recommends that product developers update existing solutions to enforce a minimum encryption key length for BR/EDR.
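One way a host stack can enforce such a minimum, shown as an added example (not code from the article, the researchers or any vendor): after encryption is enabled, parse the controller's reply to the HCI Read Encryption Key Size command and drop the link if the key is too short. The 7-byte floor and the 1 to 16 byte range are assumptions taken from the Bluetooth specification guidance rather than from this article; the function, enum and sample names are hypothetical, and the sample events are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed values (not stated in the article): BR/EDR keys are 1..16 bytes,
 * and 7 bytes is the minimum the host policy accepts. */
#define KEY_SIZE_MAX         16
#define KEY_SIZE_MIN_POLICY  7
#define EVT_CMD_COMPLETE     0x0E
#define OP_READ_ENC_KEY_SIZE 0x1408 /* OGF 0x05, OCF 0x0008 */

enum link_verdict { LINK_OK, LINK_DROP_WEAK_KEY, LINK_DROP_BAD_EVENT };

/* Command Complete layout for this command:
 * evt(1) plen(1) ncmd(1) opcode(2, LE) status(1) handle(2, LE) key_size(1) */
enum link_verdict check_enc_key_size(const uint8_t *evt, size_t len,
                                     uint16_t *handle_out)
{
    if (evt == NULL || len < 9 || evt[0] != EVT_CMD_COMPLETE)
        return LINK_DROP_BAD_EVENT;
    if (evt[1] < 7 || (size_t)evt[1] + 2 > len)
        return LINK_DROP_BAD_EVENT;            /* truncated event */
    uint16_t opcode = (uint16_t)(evt[3] | (evt[4] << 8));
    if (opcode != OP_READ_ENC_KEY_SIZE || evt[5] != 0x00)
        return LINK_DROP_BAD_EVENT;            /* fail closed: size unknown */
    if (handle_out != NULL)                    /* handle is 12 bits wide */
        *handle_out = (uint16_t)((evt[6] | (evt[7] << 8)) & 0x0FFF);
    uint8_t key_size = evt[8];
    if (key_size < 1 || key_size > KEY_SIZE_MAX)
        return LINK_DROP_BAD_EVENT;
    return key_size >= KEY_SIZE_MIN_POLICY ? LINK_OK : LINK_DROP_WEAK_KEY;
}

/* Constructed sample events for connection handle 0x000B. */
static const uint8_t SAMPLE_STRONG[] = {0x0E,0x07,0x01,0x08,0x14,0x00,0x0B,0x00,0x10};
static const uint8_t SAMPLE_WEAK[]   = {0x0E,0x07,0x01,0x08,0x14,0x00,0x0B,0x00,0x01};
static const uint8_t SAMPLE_FAILED[] = {0x0E,0x07,0x01,0x08,0x14,0x02,0x0B,0x00,0x00};

int main(void)
{
    uint16_t h = 0;
    printf("16-byte key -> %d\n", check_enc_key_size(SAMPLE_STRONG, sizeof SAMPLE_STRONG, &h));
    printf("1-byte key  -> %d (handle 0x%04X)\n",
           check_enc_key_size(SAMPLE_WEAK, sizeof SAMPLE_WEAK, &h), (unsigned)h);
    printf("failed read -> %d\n", check_enc_key_size(SAMPLE_FAILED, sizeof SAMPLE_FAILED, &h));
    return 0;
}
```

A caller would disconnect the returned handle on any verdict other than `LINK_OK`, so a failed or malformed reply is treated the same as a short key.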

Experts warn that all tested devices, including those with Bluetooth chips from vendors such as Intel, Broadcom, Apple and Qualcomm, are vulnerable to the KNOB attack.

Many affected vendors have started issuing security updates for operating systems and firmware, including:

Microsoft for Windows.
Cisco IP Phones and Webex.
Google for Android.
Apple for macOS, iOS, and watchOS.
BlackBerry.