According to media reports, Israeli company Armis recently revealed that Bluetooth Low Energy (BLE) chips produced by Texas Instruments (TI) contain two major security vulnerabilities. Hackers can use these vulnerabilities to invade the corporate network, control wireless access points (APs) or install malware.
Armis named the vulnerabilities BLEEDINGBIT. The first BLEEDINGBIT vulnerability affects the TI CC2640 and CC2650 BLE chips. It may cause memory corruption on the stack and further harm the AP's main system.
The second BLEEDINGBIT vulnerability is in the TI CC2540 BLE chip. The chip has an Over the Air Download (OAD) function to facilitate firmware updates. Although this function is mainly used as a development tool, it is technically still a back door that allows nearby hackers to access the chip and install malicious firmware. The researchers said that the default configuration of this OAD feature contains no security mechanisms and cannot distinguish between reliable and suspicious firmware updates, so hackers can use this feature to invade the corporate network.
Armis CEO Yevgeny Dibrov pointed out that BLEEDINGBIT allows hackers to invade the corporate network silently and disrupt the network segment, which is a big risk to corporate security.
As of now, TI has patched the first vulnerability, and Armis is still evaluating the impact of the BLEEDINGBIT vulnerability.