BlueBorne Security Bulletin


Armis Labs has disclosed a vulnerability that affects nearly all systems using Bluetooth. “BlueBorne” does not require a system to be connected to a network or any action by an end user, and it can spread to devices with Bluetooth enabled. An attacker can connect to a Bluetooth-enabled device without actively pairing, then upload malware or establish a man-in-the-middle connection without the user’s knowledge. Compromised devices can be used to distribute an infection to other devices within Bluetooth range.

Threat Intelligence

We have not seen reports of these vulnerabilities being exploited in the wild; however, Armis has demonstrated several exploits in videos.

Systems Affected


All Android phones, tablets, and wearables

Examples of affected devices:

  • Google Pixel
  • Samsung Galaxy
  • LG Watch Sport
  • Pumpkin Car Audio Systems

All Windows computers since Windows Vista are affected.


All Linux devices running BlueZ and all Linux devices running version 3.3-rc1 (released in October 2011)

Examples of affected devices:

  • Samsung Gear S3 (Smartwatch)
  • Samsung Smart TVs
  • Samsung Family Hub (Smart refrigerator)

All Apple devices running iOS version <= 9.3.5 and AppleTV devices running version <= 7.2.2

Examples of affected devices:

  • iPhone (iOS 9.3.5 or lower)
  • iPad (iOS 9.3.5 or lower)
  • iPod Touch (iOS 9.3.5 or lower)
  • AppleTV (version 7.2.2 and lower)

Identified Exploits

  • CVE-2017-0781 – Remote code execution
  • CVE-2017-0782 – Remote code execution
  • CVE-2017-0785 – Information leak
  • CVE-2017-0783 – Man-in-the-Middle attack
  • CVE-2017-8628 – “Bluetooth Pineapple” vulnerability allows an attacker to perform a Man-in-the-Middle attack.
  • CVE-2017-1000250 – Information leak vulnerability affecting BlueZ.
  • CVE-2017-1000251 – Remote code execution
  • CVE-2017-14315 – Remote code execution



Google issued a security patch as part of their September Security Update and Bulletin.


Microsoft is issuing security patches to all supported Windows versions on Tuesday, September 12.


Red Hat has provided a kpatch for customers running Red Hat Enterprise Linux 7.2 or greater.


Apple mitigated this vulnerability in iOS 10. We recommend you upgrade to the latest iOS or tvOS available.

Technical Summary

Armis published a whitepaper detailing the vulnerability here:


We recommend the following actions be taken:

  • Install the latest security patches for your device as they become available.
  • If you are concerned that your device may not be patched, we recommend disabling Bluetooth, and minimizing its use until you can confirm a patch is issued and installed on your device.
  • Users of Android devices can determine if their device is vulnerable by downloading the BlueBorne Android App.*

*This is a third-party application that has not been vetted by Masergy for safety or effectiveness. Use at your own discretion.
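
The affected-systems criteria and the recommended actions above can be applied across an asset inventory. The following is an added example, not tooling from Armis or Masergy; the inventory fields and status labels are hypothetical, the sample records are constructed, and the bulletin's Linux "version 3.3-rc1" is assumed to mean the kernel version.

```python
import re

# Apple ceilings quoted in the bulletin: versions at or below these are affected.
APPLE_MAX_AFFECTED = {"ios": (9, 3, 5), "appletv": (7, 2, 2)}

# Constructed sample inventory; the field names are a hypothetical schema.
INVENTORY = [
    {"name": "lobby-ipad", "platform": "iOS", "version": "9.3.5"},
    {"name": "exec-iphone", "platform": "iOS", "version": "10.3.3"},
    {"name": "conf-appletv", "platform": "AppleTV", "version": "7.2.2"},
    {"name": "field-pixel", "platform": "Android", "version": "7.1.2"},
    {"name": "build-srv", "platform": "Linux", "version": "2.6.32", "bluez": False},
    {"name": "kiosk", "platform": "Linux", "version": "4.4.0-96-generic",
     "bluez": True, "bluetooth_on": False},
    {"name": "hr-laptop", "platform": "Windows", "version": "10", "patch_confirmed": True},
]

def parse_version(text):
    """Turn '9.3.5' or '3.3-rc1' into a 3-part integer tuple (missing parts = 0)."""
    nums = [int(n) for n in re.findall(r"\d+", text.split("-")[0])][:3]
    if not nums:
        raise ValueError(f"no version number in {text!r}")
    return tuple(nums + [0] * (3 - len(nums)))

def triage(device):
    """Return (status, reason) for one inventory record."""
    platform = device["platform"].lower()
    if platform in APPLE_MAX_AFFECTED:
        ceiling = APPLE_MAX_AFFECTED[platform]
        if parse_version(device["version"]) <= ceiling:
            return "upgrade", "at or below " + ".".join(map(str, ceiling))
        return "ok", "newer than the affected range"
    if platform == "linux":
        # Assumption: the bulletin's "version 3.3-rc1" refers to the kernel.
        kernel_hit = parse_version(device["version"]) >= (3, 3, 0)
        if not (device.get("bluez") or kernel_hit):
            return "ok", "no BlueZ and kernel older than 3.3"
    elif platform not in ("android", "windows"):
        return "unknown", "platform not covered by the bulletin"
    if device.get("patch_confirmed"):
        return "ok", "vendor patch confirmed"
    if device.get("bluetooth_on", True):  # unknown radio state is treated as on
        return "disable-bluetooth", "unpatched with Bluetooth enabled"
    return "patch", "unpatched, Bluetooth already off"

def triage_all(inventory):
    return {d["name"]: triage(d)[0] for d in inventory}

if __name__ == "__main__":
    for d in INVENTORY:
        print(d["name"], *triage(d), sep="\t")
```
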