The Bluetooth Special Interest Group (SIG) published instructions for eliminating security vulnerabilities in the “Secure Simple Pairing” and “LE Secure Connections” processes. Rutronik UK now offers a manufacturer-independent overview at https://rutronik-tec.com/bluetooth-security-vulnerability-status/, which shows the patch status of the individual chip and module manufacturers. The site is kept up to date with the assistance of the franchise partners.
All Bluetooth specifications from V2.1+EDR to V5.0 are affected by the security vulnerability. It goes without saying that the individual device manufacturers are responsible for patching the wireless stacks in the end devices via FOTA (firmware update over the air) to ensure they are free of flaws. This feature is supported by all current Bluetooth components in the Rutronik UK portfolio.
As market leader (approx. 45 percent market share) and a member of Bluetooth SIG, Nordic Semiconductor already offers faultless stacks and other suppliers are already working on patches. Therefore, the device manufacturers are required to forward the available updates to their devices as quickly as possible so that the attack gap will not actually be exploited soon.
Erratum 10734 can be downloaded from here: https://www.bluetooth.org/docman/handlers/downloaddoc.ashx?doc_id=447440&_ga=2.253269836.453099069.1533649306-1605826663.1532498694
About Rutronik
RUTRONIK UK LTD is operating as an independent company with a team of highly qualified UK employees with broad experience of the electronics industry. Parent company Rutronik Elektronische Bauelemente GmbH is one of the leading broadline distributors for semiconductors, passive and electromechanical components in addition to storage technologies, displays & boards and wireless products. The markets that the company primarily targets include automotive, medical, industrial, home appliance, energy and lighting. Wide-ranging services, competent support in the areas of product development and design, as well as individual logistics and supply chain management solutions round off its customer and future-orientated range of goods and services.
