CVE-2024-43763
📋 TL;DR
This CVE describes a logic error in Android's Bluetooth GATT server component that allows nearby attackers to cause denial of service without user interaction. The vulnerability affects Android devices with Bluetooth enabled, potentially disrupting Bluetooth functionality. No special privileges are required for exploitation.
💻 Affected Systems
- Android
📦 What is this software?
Android by Google
⚠️ Risk & Real-World Impact
Worst Case
Permanent Bluetooth service disruption requiring device reboot, potentially affecting medical devices, wearables, or IoT devices that rely on Bluetooth connectivity.
Likely Case
Temporary Bluetooth service disruption affecting device pairing, file transfers, and peripheral connections until service restart.
If Mitigated
Minimal impact with Bluetooth disabled or devices patched; affected functionality limited to Bluetooth services only.
🎯 Exploit Status
Exploitation requires Bluetooth proximity but no authentication or user interaction; attack tools could be developed from public vulnerability details.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: January 2025 Android Security Patch Level or later
Vendor Advisory: https://source.android.com/security/bulletin/2025-01-01
Restart Required: Yes
Instructions:
1. Check for system updates in Settings > System > System update.
2. Install January 2025 security patch.
3. Reboot device after installation.
4. Verify patch level in Settings > About phone > Android version.
🔧 Temporary Workarounds
Disable Bluetooth
Turn off Bluetooth when not in use to prevent exploitation
adb shell settings put global bluetooth_on 0
Or manually disable via Settings > Connected devices > Connection preferences > Bluetooth
Restrict Bluetooth visibility
Set Bluetooth to non-discoverable mode to reduce attack surface
adb shell settings put global bluetooth_discoverability 0
Or via Settings > Connected devices > Connection preferences > Bluetooth > Device name
🧯 If You Can't Patch
- Disable Bluetooth completely for critical devices
- Implement physical security controls to limit Bluetooth proximity to untrusted devices
🔍 How to Verify
Check if Vulnerable:
Check the Android security patch level: Settings > About phone > Android version > Android security patch level. If the patch level is earlier than January 2025, the device is vulnerable.
Check Version:
adb shell getprop ro.build.version.security_patch
Verify Fix Applied:
Verify that the Android security patch level shows January 2025 or later; test that Bluetooth functionality remains stable when receiving malformed GATT requests.
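The patch-level check above, scripted so it can triage several devices at once. This is an added example, not part of the advisory: it assumes 2025-01-01 (the date in the vendor advisory URL) is the first fixed patch level, and the device serials in the sample inventory are constructed.

```shell
#!/bin/sh
# Added example: triage devices against the January 2025 fix level.
# Assumption: 2025-01-01 (the date in the advisory URL) is the first fixed level.
FIXED_SPL="2025-01-01"

# spl_status <patch-level> -> prints patched | vulnerable | unknown
spl_status() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo unknown; return 0 ;;   # empty or malformed property value
    esac
    # ISO dates sort lexicographically: the earlier of the two sorts first.
    oldest=$(printf '%s\n%s\n' "$FIXED_SPL" "$1" | sort | head -n 1)
    if [ "$oldest" = "$FIXED_SPL" ]; then echo patched; else echo vulnerable; fi
}

# triage: reads "<serial> <patch-level>" lines on stdin, prints "<serial> <status>"
triage() {
    while read -r serial spl; do
        [ -n "$serial" ] || continue
        printf '%s %s\n' "$serial" "$(spl_status "$spl")"
    done
}

# collect: queries every authorised device adb can see (needs adb on PATH).
# Devices listed as "unauthorized" or "offline" are skipped.
collect() {
    adb devices | awk 'NR > 1 && $2 == "device" { print $1 }' |
    while read -r serial; do
        # </dev/null stops adb from swallowing the rest of the serial list
        spl=$(adb -s "$serial" shell getprop ro.build.version.security_patch </dev/null | tr -d '\r')
        printf '%s %s\n' "$serial" "$spl"
    done
}

# Constructed sample inventory (not real devices), so the script runs offline.
sample_inventory() {
    cat <<'EOF'
emulator-5554 2024-12-05
R58M0000001 2025-01-01
R58M0000002 2025-03-05
HT7A000003
EOF
}

# Offline demo; for live devices run: collect | triage
sample_inventory | triage
```

A device that reports no patch level comes back as unknown rather than patched, so it still gets looked at by hand.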
📡 Detection & Monitoring
Log Indicators:
- Bluetooth service crashes in logcat
- GATT server error messages
- Bluetooth stack restart events
Network Indicators:
- Unusual Bluetooth connection attempts from unknown MAC addresses
- Malformed Bluetooth Low Energy packets
SIEM Query:
source="android_logs" AND ("Bluetooth" AND ("crash" OR "error" OR "GATT"))