Archived Content

In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
Alert

BrakTooth Proof of Concept Tool Demonstrates Bluetooth Vulnerabilities

Last Revised

On November 1, 2021, researchers publicly released a BrakTooth proof-of-concept (PoC) tool to test Bluetooth-enabled devices against potential Bluetooth exploits using the researcher’s software tools. BrakTooth—originally disclosed in August 2021—is a family of security vulnerabilities in commercial Bluetooth stacks. An attacker could exploit BrakTooth vulnerabilities to cause a range of effects from denial-of-service to arbitrary code execution.

CISA encourages manufacturers, vendors, and developers to review BRAKTOOTH: Causing Havoc on Bluetooth Link Manager and update vulnerable Bluetooth System-on-a-Chip (SoC) applications or apply appropriate workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.