The Bluetooth Low Energy (BLE) is regarded as the most popular short range wireless communication technology in the recent years. According to reports, the number of BLE devices is expected to reach over 7 Billion in the next 4 years including mobile phones, IoT devices, computers, headphones, smart watches, etc. With this large attack surface, adversaries often target BLE devices to bypass security and privacy expectations. To ensure proper security measures, the Bluetooth Special Interest Group (SIG) actively works on updating the protocol specifications and maintaining standards. Despite the efforts, as BLE comprises a complex layered architecture and a plethora of different kinds of devices, having different capabilities and versions, implement the protocol, the implementations often fail to follow the specifications correctly and show noncompliant behavior.

BLEDiff provides an automated black-box noncompliance checking framework for BLE devices and identifies several security issues in the tested devices.

BLEDiff has been accepted to IEEE S&P 2023

Identified Vulnerabilities

Tab.: Summary of identified issues (E: exploitable issue, I: interoperability issue, O: other issue)

Affected Devices

Tab.: Summary of affected devices

Responsible Disclosure Progress

Open Source Implementation

BLEDiff has been completely open-sourced at the github repository. Please contact the authors with any issues.