D-Link Forums

Announcements => Security Advisories => Topic started by: GreenBay42 on October 30, 2020, 06:42:32 AM

Title: BLURtooth - Key Overwrite Vulnerability
Post by: GreenBay42 on October 30, 2020, 06:42:32 AM
D-Link has been informed of a vulnerability called BLURtooth that could potentially allow for key overwrite attacks on devices supporting Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD). D-Link has immediately investigated and confirmed that D-Link products are not affected by this vulnerability.

D-Link’s Bluetooth-supported products use a proprietary encryption mechanism as a security measure. Additionally, the products only use Bluetooth during initial product setup, after which it is closed. Therefore, D-Link confirms that their products are not affected by BLURtooth. As soon as Bluetooth SIG has updates, D-Link will upgrade their products accordingly to ensure the safety and privacy of their products and users.

Please visit https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10193 (https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10193) for more information.