Two 0-day flaws leave millions of wireless access points vulnerable

Two zero-day vulnerabilities are present in Bluetooth Low-Energy chips made by Texas Instruments that are used in millions of wireless access points.
By leveraging them hackers can exploit the wireless access points from approximately 100 to 300 feet away from them.

BLE is a new Bluetooth protocol designed for low-power consumption devices such as IoT hardware. It’s significant for a number of reasons, such as its mesh capacities, but also for the fact it evolves the protocol from consumer uses to commercial IoT uses.
Experts express their concern that the BleedingBit vulnerabilities could impact a larger universe of BLE devices, such as smart locks used in hotel chains and point-of-sale hardware.

Once an access point is compromised the hacker can take control of the access point and then intercept all traffic.
Both flaws impact Wi-Fi access points made by Cisco, Cisco Meraki, and Hewlett-Packard Enterprise’s Aruba.
Good news is that Texas Instruments released patches (BLE-STACK SDK version 2.2.2) for affected hardware via OEMs. Cisco is expected to release patches for three Aironet Series wireless access points (1542 AP, 1815 AP, 4800 AP), along with patches for its Cisco Meraki series access points (MR33, MR30H, MR74, MR53E). And Aruba has released a patch for its Aruba 3xx and IAP-3xx series access points.

Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;

Experts are saying that the vulnerability is applicable only if the BLE radio has been enabled in affected access points. Keep in mind that the BLE radio is disabled by default.

Cisco representatives are saying that the BLE feature is disabled by default on its Aironet devices.
Aruba, instead, is advising its affected customers to disable the BLE radio to mitigate the vulnerability.
The first vulnerability, CVE-2018-16986, affects Texas Instrument chips cc2640/50 used in Cisco and Cisco Meraki access points. This vulnerability is a remote code execution flaw in the BLE chip and can be exploited by a nearby unauthenticated hacker.

The second vulnerability, CVE-2018-7080, also affects Texas Instrument’s, this time the over-the-air firmware download feature used in Aruba Wi-Fi access point Series 300 that also uses the BLE chip.
For example, last year was discovered a total of nine 0-day Bluetooth-related vulnerabilities, known as BlueBorne, in Bluetooth chips used in smartphones, TVs, laptops and car audio systems. The scale of affected devices was massive, estimated to impact billions of Bluetooth devices.
Keep in mind that our modern society is dependent on computers, mobile devices, and the use of the internet always stay safe and secured.

We would continue to monitor the cybersecurity world. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.