Saturday, February 29, 2020

Google fixes Critical Bluetooth Vulnerability in Android (CVE-2020-0022) which execute malicious code

Must Read

How to Password Protect a Folder in Windows 10 | 5 Methods You Can Use

There are several security methods that you can use to set up to protect the significant documents and data...

How to see the saved passwords in chrome

When ever you surf on the web through your any browser i:e Google Chrome, it can offer to save...

How to block websites on Google Chrome, everything you want to know

Google Chrome is a great tool for finding things for your work, college assignments, or some things as well....
Pravin Kr. Chandra
A mechanical engineer by profession and a gadget freak who loves to explore, gadgets and tech content on the web.

In spite of the fact that Android is a modern, powerful and dependable operating system. But sometimes a flaw present as security holes can compromise its operation. An important Android vulnerability related to the Bluetooth module came in existence which gives opportunity to attackers to execute malicious code without being suspicious.

Android 9 Pie and Android 8 Oreo are the victims of a serious Bluetooth module security bug

Jan Ruge, a researcher at the Technical University of Darmstadt in Germany, discovered the flaw. His in-depth study and discoveries made it clear that there are two particular conditions in order to be exploited by an attacker who can use this flaw in Android. The security impact is as follows:

  • On Android 8.0 to 9.0, a remote attacker within proximity can silently execute arbitrary code with the privileges of the Bluetooth daemon as long as Bluetooth is enabled. No user interaction is required and only the Bluetooth MAC address of the target devices has to be known. For some devices, the Bluetooth MAC address can be deduced from the WiFi MAC address. This vulnerability can lead to theft of personal data and could potentially be used to spread malware (Short-Distance Worm).
  • On Android 10, this vulnerability is not exploitable for technical reasons and only results in a crash of the Bluetooth daemon.
  • Android versions even older than 8.0 might also be affected but we have not evaluated the impact. Link

If both the conditions are true, the flaw with CVE-2020-0022 identification, can make your Android device vulnerable. Thes would allow attackers to remotely access and execute the malicious code on Android devices.

Google’s New Security Update Fixed This

Ruge announced the discovery to Google last November 2019 which is now officially resolved with latest security patches of February 2020 – link to the Android security bulletin. Google has patched this week a critical security flaw in Android’s Bluetooth component. If left un-patched, the vulnerability can be exploited without any user interaction. Experts said that it can even be used to create self-spreading Bluetooth worms.

Fixes for the bug are available via the Android February 2020 Security Bulletin, which has been available for download starting this week.

Android security is a very important element for Google. We should thank to the bounty program in which the US company encourages independent researchers and external companies to test the strength of Android behind a cash compensation in case of discoveries such as those we have just seen.

Also Read: Huawei P40 Lite E coming soon, might be a rebrand of that Enjoy 10

Latest News

New software updates has arrived for ASUS ZenFone 6, Xiaomi Mi 10 and Mi 10 Pro, Samsung Galaxy A71, Galaxy A50S and M30S, Realme...

In this week, many Android smartphones have received new software update. Today's we are here with a list of...

Samsung Galaxy S20 Ultra 5G first firmware update brought March 2020 security patch and improvement to the camera quality

Recently launched Samsung Galaxy S20 Ultra 5G smartphone is receiving its first firmware update. The first update brought the March 2020 security patch and...

A new Lenovo Legion Gaming Smartphone teaser poster reveals a 55W charging technology for the device

A few days back, Lenovo has officially announced a gaming smartphone under its Legion brand, which will be equipped with the Snapdragon 865 5G...

Motorola Edge+, Motorola One Mid, & Moto G8 Power Lite specs leaked, A new flagship is coming soon

At the end of last month, we had news that Motorola is working on a flagship smartphone. The device was identified as Motorola Edge+...

LG Q51 is a new budget smartphone with 6.5-inch display & a 13 primary camera sensor

LG announced a new budget oriented smartphone in South Korea called LG Q51. The smartphone is launched with a big-sized display. So, the device...

More Articles Like This