A Bluetooth vulnerability will make it possible for fast-acting hackers to weaken the encryption of devices. Eventually, this will allow the attacker to snoop on data on the device. They could even send false communication to take over a device.

The vulnerability allows the hacker to force a pair of Bluetooth devices to use weaker encryption. This inherently makes it easy to crack the Bluetooth device. When two Bluetooth devices connect, they establish a new encryption key. What an attacker could do is to get in the midst of this encrypted setup process. This way, it would trick the two devices into using a short encryption key.

Now, the attacker would only need to perform an attack against one of the devices to figure out the exact password. However, you don’t need to panic too much if you are using a Bluetooth device.

This is because the attacker would need to be present during the Bluetooth connection to be able to hack the devices. They will also need to block each device’s initial transmission when establishing the passkey length.

Furthermore, the hacker will need to broadcast their own message or carry out the hack within a very short period of time. The hacker would have to be within the range of the Bluetooth and repeat the same process each time they want to hack in. Also, the hack is only applicable to traditional Bluetooth devices. Some Bluetooth devices also have inbuilt protection against it with their hard-coded minimum password strength.

The organisation behind Bluetooth suggests that devices should implement minimum password strength on all vulnerable devices. This way, they hope this flaw can be dealt with as they say there is not much they can do.