IIRC long ago I read that this is a flaw/feature of the USB protocol itself.
Maybe “Seller (…) doesn’t consider the behavior a vulnerability” … ah wait, I’m gonna read the article now.
Right, the real culprit isn’t the USB connection but Creative’s proprietary but totally unprotected transfer protocol that allows third parties to communicate with the device both ways, even load new firmware. No code signing there, either.
I find both headline and first half of the article misleading; this is not restricted to a specific device. Possibly not even to one manufacturer.
But at least it ends with
It also raises the question: What other Bluetooth devices open users to the same attacks?
Right. The common one is an initially malicious device given to an unsuspecting user. This is a stock device that a user already has and trusts. It’s a huge vulnerability that an unauthenticated user can completely take it over. This is a 9.3 CVE, without even considering pivoting to the PC.
IIRC long ago I read that this is a flaw/feature of the USB protocol itself.
Maybe “Seller (…) doesn’t consider the behavior a vulnerability” … ah wait, I’m gonna read the article now.
Right, the real culprit isn’t the USB connection but Creative’s proprietary but totally unprotected transfer protocol that allows third parties to communicate with the device both ways, even load new firmware. No code signing there, either.
I find both headline and first half of the article misleading; this is not restricted to a specific device. Possibly not even to one manufacturer.
But at least it ends with
Right. The common one is an initially malicious device given to an unsuspecting user. This is a stock device that a user already has and trusts. It’s a huge vulnerability that an unauthenticated user can completely take it over. This is a 9.3 CVE, without even considering pivoting to the PC.