Bluetooth bluffs

BlueRange not affected by Bluetooth bluffs

The recently disclosed critical vulnerability described in CVE-2023-24023 makes it possible to interfere with encrypted Bluetooth connections. This potentially leaves billions of Bluetooth-enabled devices such as smartphones, laptops and tablets vulnerable to a new attack method called bluffs. Bluffs stands for “Bluetooth Forward and Future Secrecy” and describes new techniques that allow MitM (Man in the Middle) attacks and the impersonation of other device identities, thereby jeopardizing the confidentiality of Bluetooth sessions. According to a report by Bleeping Computer, Bluffs is based, among other things, on two previously unknown and architecture-related vulnerabilities in the Bluetooth standard, registered as CVE-2023-24023. Bluetooth BR/EDR devices with support for Secure Simple Pairing and Secure Connections Pairing according to the Bluetooth core specification in versions 4.2 to 5.4 are affected.


Be safe with BlueRange

As for BlueRange, there are no effects whatsoever on the BlueRange Mesh technology. The AES 128 BIT mesh encryption and secured connections via HTTPS and MQTTS ensure data security throughout the entire system.