CVE-2024-34722
📋 TL;DR
This vulnerability allows attackers to bypass authentication during legacy Bluetooth Low Energy (BLE) pairing, potentially enabling unauthorized access to Bluetooth-enabled devices. It affects Android devices with vulnerable Bluetooth implementations, requiring no user interaction for exploitation.
💻 Affected Systems
- Android devices with Bluetooth functionality
📦 What is this software?
Android by Google
Android by Google
Android by Google
Android by Google
⚠️ Risk & Real-World Impact
Worst Case
Remote attacker gains unauthorized access to device via Bluetooth, potentially intercepting sensitive data or executing privileged operations without authentication.
Likely Case
Unauthorized Bluetooth pairing leading to data interception or device control in proximity attacks.
If Mitigated
Limited impact if Bluetooth is disabled or devices use secure pairing methods.
🎯 Exploit Status
Exploitation requires proximity to target device and knowledge of Bluetooth protocol flaws.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Android security patches from July 2024 and January 2025
Vendor Advisory: https://source.android.com/security/bulletin/2025-01-01
Restart Required: Yes
Instructions:
1. Check for Android system updates in Settings > System > System update. 2. Install available security updates. 3. Restart device after installation.
🔧 Temporary Workarounds
Disable Bluetooth when not in use
androidTurn off Bluetooth functionality to prevent exploitation attempts
Settings > Connected devices > Connection preferences > Bluetooth > Toggle off
Use secure pairing methods
androidConfigure devices to use secure connections pairing instead of legacy BLE pairing
Settings > Connected devices > Pair new device > Select device > Use secure pairing option
🧯 If You Can't Patch
- Disable Bluetooth completely on vulnerable devices
- Implement network segmentation to isolate Bluetooth-enabled devices
🔍 How to Verify
Check if Vulnerable:
Check Android security patch level in Settings > About phone > Android version > Security patch level. If before July 2024, device is vulnerable.Check Version:
adb shell getprop ro.build.version.security_patchVerify Fix Applied:
Verify security patch level shows July 2024 or later in Settings > About phone > Android version > Security patch level.📡 Detection & Monitoring
Log Indicators:
- Unexpected Bluetooth pairing attempts
- Failed authentication attempts during BLE pairing
Network Indicators:
- Unusual Bluetooth traffic patterns
- Legacy BLE pairing attempts from unknown devices
SIEM Query:
source="bluetooth" AND (event="pairing_attempt" OR event="auth_failure") AND protocol="LEGACY_BLE"