An Android 8.0-9.0 Bluetooth Zero-Click vulnerability #Security #Bluetooth @insinuator « Adafruit Industries – Makers, hackers, artists, designers and engineers!

Popular Categoriesview all

3D printing (16125)
Raspberry Pi (10002)
art (8604)
wearables (5072)
science (4469)
arduino (4458)
random (3748)
CircuitPython (3620)
adafruit learning system (3168)
music (3088)

costuming (3032)
cosplay (2810)
robotics (2731)
educators (2662)
community (2651)
history (2533)
space (2477)
ask-an-engineer (2459)
New Products (2358)
holiday (2303)

New Postsview all

April 22, 2025 at 5:08 pm
A keyboard design contest results

April 22, 2025 at 3:49 pm
JP’s Product Pick of the Week — 4pm…

April 22, 2025 at 3:24 pm
Kurt Vonnegut, Shape of Stories #ArtTuesday

Featured Postsview all

April 19, 2025 at 1:30 pm
#NewProducts 4/16/25 Feat. #Adafruit USB Type C CC…

April 10, 2025 at 2:23 pm
TARIFF TALK! WITH LADYADA – April 10, 2025…

April 9, 2025 at 4:54 pm
New nEw NEWS From Adafruit Round-Up: January,…

April 22, 2020 AT 2:50 pm

An Android 8.0-9.0 Bluetooth Zero-Click vulnerability #Security #Bluetooth @insinuator

One feature that is available on most classic Bluetooth implementations is answering via Bluetooth pings. Everything an attacker needs to know is the device’s Bluetooth address. Even if the target is not discoverable, it typically accepts connections if it gets addressed. ERNW Insinuator discusses vulnerability CVE-2020-0022 which is an Android 8.0-9.0 Bluetooth Zero-Click remote code execution (RCE) – also called BlueFrag.

In the following, we describe a Bluetooth zero-click short-distance RCE exploit against Android 9, which got assigned CVE-2020-0022 . We go through all steps required to establish a remote shell on a Samsung Galaxy S10e, which was working on an up-to-date Android 9 when reporting the issue on November 3 2019. The initial flaw used for this exploit is still present in Android 10, but we utilize an additional bug in Bionic (Android’s libc implementation), which makes exploitation way easier. The bug was finally fixed in the security patch from 1.2.2020 in A-143894715.

A demonstration video is above. See more in the article here.

Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7:30pm ET! To join, head over to YouTube and check out the show’s live chat and our Discord!

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Join over 38,000+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

CircuitPython – The easiest way to program microcontrollers – CircuitPython.org

New Products – Adafruit Industries – Makers, hackers, artists, designers and engineers! — New Products 11/15/2024 Featuring Adafruit bq25185 USB / DC / Solar Charger with 3.3V Buck Board! (Video)

Python for Microcontrollers – Adafruit Daily — Python on Microcontrollers Newsletter: A New Arduino MicroPython Package Manager, How-Tos and Much More! #CircuitPython #Python #micropython @ThePSF @Raspberry_Pi

EYE on NPI – Adafruit Daily — EYE on NPI Maxim’s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey

Adafruit IoT Monthly — The 2024 Recap Issue!

Maker Business – Adafruit Daily — Apple to build another chip at TSMC Arizona

Electronics – Adafruit Daily — SMT Tip – Stop moving around!

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !

No Comments

No comments yet.

Sorry, the comment form is closed at this time.

Filed under: android, bluetooth, Security —
Tags: android, bluetooth, security, vulnerability — by Anne Barela

Comments Off