BlueBorne is a combination of vulnerabilities related to vague and outdated definitions of the Bluetooth protocol, including authorization and authentication issues. The absence or wrong validation of different protocol parameters in the Bluetooth stack code can result in stack or heap overflow in the kernel address space. When combined with an outdated implementation, they can lead to remote code execution (RCE).
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/blueborne-reportedly-affects-billions-bluetooth-enabled-devices/
沒有留言:
張貼留言