BrokenMesh: New Attack Surfaces of Bluetooth Mesh

"Discover newly identified attack surfaces in Bluetooth mesh networking technology used in smart home devices, including zero-day vulnerabilities and remote code execution risks."

Key takeaways
  • Bluetooth mesh is a networking technology used in smart home devices
  • Each node in the mesh has a unique unicast address and can subscribe to group addresses
  • Devices communicate with each other over Bluetooth Low Energy (BLE)
  • The network is built on the Bluetooth Mesh specification, which defines network communication and relaying
  • Mesh nodes use shared keys (the NetKey and the AppKey) for encryption and secure communication
  • Segmentation and reassembly mechanisms are used to transmit messages larger than a single PDU
  • The fuzzing tool BleMeshFuzzer is used to find vulnerabilities in the mesh network
  • Zero-day vulnerabilities were found in the network build stage, the network control stage, and on the Android and Linux platforms
  • Vulnerabilities found by the fuzzer allow control of PC and R0 and lead to remote code execution (RCE)
  • Messages can be hijacked and redirected between devices to trigger vulnerabilities in segmentation and reassembly
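The takeaways above name segmentation and reassembly as both a core mechanism and an attack surface. The following is an added defender-side example, not code from the talk, from BleMeshFuzzer, or from any vendor's stack: a simplified model of lower-transport segment reassembly that performs the consistency checks a robust implementation needs before it touches a buffer. The field model is an assumption simplified from the specification (SegO and SegN as 5-bit indexes, access-message segments of up to 12 octets); the `Segment` and `Reassembler` names and the sample segments are constructed for this illustration.

```python
"""
Simplified Bluetooth Mesh lower-transport segment reassembly with
validation checks. Constructed example; the field layout is a
simplification of the specification (SegO/SegN are 5-bit fields,
access-message segments carry up to 12 octets) and is an assumption,
not a vendor implementation.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

SEG_PAYLOAD_MAX = 12                               # octets per access-message segment
SEG_INDEX_MAX = 31                                 # SegO / SegN are 5-bit fields
MAX_MESSAGE = SEG_PAYLOAD_MAX * (SEG_INDEX_MAX + 1)  # 384 octets


class SegmentError(ValueError):
    """Raised when a segment is inconsistent with the message being reassembled."""


@dataclass
class Segment:
    src: int        # unicast address of the sender
    seq_zero: int   # SeqZero value identifying one segmented message
    seg_o: int      # index of this segment
    seg_n: int      # index of the last segment
    payload: bytes


@dataclass
class _Pending:
    seg_n: int
    received: Dict[int, bytes] = field(default_factory=dict)


class Reassembler:
    def __init__(self, max_pending: int = 4):
        self.max_pending = max_pending
        self.pending: Dict[Tuple[int, int], _Pending] = {}

    def feed(self, seg: Segment) -> Optional[bytes]:
        # 1. Range-check the index fields before anything is stored.
        if not 0 <= seg.seg_n <= SEG_INDEX_MAX:
            raise SegmentError("SegN out of range")
        if not 0 <= seg.seg_o <= seg.seg_n:
            raise SegmentError("SegO exceeds SegN")
        # 2. Non-final segments must be full; the final one must be 1..12 octets.
        if seg.seg_o < seg.seg_n and len(seg.payload) != SEG_PAYLOAD_MAX:
            raise SegmentError("non-final segment must be exactly 12 octets")
        if seg.seg_o == seg.seg_n and not 0 < len(seg.payload) <= SEG_PAYLOAD_MAX:
            raise SegmentError("final segment length invalid")

        key = (seg.src, seg.seq_zero)
        entry = self.pending.get(key)
        if entry is None:
            # 3. Bound in-flight reassemblies so a peer cannot exhaust memory
            #    by starting many messages and never completing them.
            if len(self.pending) >= self.max_pending:
                raise SegmentError("too many in-flight segmented messages")
            entry = self.pending[key] = _Pending(seg_n=seg.seg_n)
        elif entry.seg_n != seg.seg_n:
            # 4. SegN must not change mid-message: a buffer sized from the first
            #    segment would otherwise be written past its end.
            raise SegmentError("SegN changed mid-message")

        # Retransmitted duplicates are harmless; keep the first copy.
        entry.received.setdefault(seg.seg_o, seg.payload)

        if len(entry.received) == entry.seg_n + 1:
            del self.pending[key]
            message = b"".join(entry.received[i] for i in range(entry.seg_n + 1))
            assert len(message) <= MAX_MESSAGE
            return message
        return None


def reassemble_all(segments: List[Segment]) -> List[bytes]:
    """Feed segments through one Reassembler and return the completed messages."""
    r = Reassembler()
    out = []
    for s in segments:
        m = r.feed(s)
        if m is not None:
            out.append(m)
    return out


# Constructed sample: a 30-octet access payload split into three segments,
# delivered out of order with one duplicate.
SAMPLE = [
    Segment(0x0001, 0x0ABC, 1, 2, bytes(range(12, 24))),
    Segment(0x0001, 0x0ABC, 0, 2, bytes(range(0, 12))),
    Segment(0x0001, 0x0ABC, 1, 2, bytes(range(12, 24))),   # duplicate
    Segment(0x0001, 0x0ABC, 2, 2, bytes(range(24, 30))),
]

if __name__ == "__main__":
    print(reassemble_all(SAMPLE))
```

The checks are deliberately ordered so that every field is validated against fixed limits and against the first segment of the same message before any payload is stored; a reassembler that sizes its buffer from the first SegN and then trusts later SegO or SegN values is exactly the shape of code a protocol fuzzer exercises.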