The issue
The flaw is said to be in the way Bluetooth low energy devices communicate with the mobile applications that control them.
“At a minimum, a hacker could determine whether you have a particular Bluetooth device, such as a smart speaker, at your home, by identifying whether or not your smart device is broadcasting the particular UUIDs identified from the corresponding mobile apps,” said Zhiqiang Lin, associate professor of computer science and engineering at The Ohio State University.
Assessing the impact of the issue
To test how the issue impacted devices in the real world, the team of researchers built a hacking device to identify Bluetooth devices based on broadcasting messages.
Vulnerable apps
The Google Play Store was found to contain more than 18,000 apps that were vulnerable to this security flaw.
Publisher