As mentioned in this article are these vulnerabilities addressed in Nordic Semiconductor's products?
https://thehackernews.com/2020/02/hacking-bluetooth-vulnerabilities.html
Best regards,
Vishnu Pradeep
As mentioned in this article are these vulnerabilities addressed in Nordic Semiconductor's products?
https://thehackernews.com/2020/02/hacking-bluetooth-vulnerabilities.html
Best regards,
Vishnu Pradeep
Final update:
The investigation is now finished.
Nordic has determined:
- nRF51 SoftDevices are NOT affected by these attacks (S110, S120, S130 all versions)
- nRF52 SoftDevices are NOT affected by these attacks (S112, S113, S132, S140 all versions)
Thanks for the info Kenneth. An official statement/communication in the form of an Informational Notice or similar would be very much appreciated though.
In response to brindusa below you mention "Nordic is not documented as an affected platform" and "The fact that our devices and software are unaffected is evidenced in the fact we are not identified in the CVEs". I don't agree with that. It could be a false negative, because I can't find in the article (https://asset-group.github.io/disclosures/sweyntooth/sweyntooth.pdf) that Nordic chips were subjected to the same attacks/tests.
Did Nordic perform their own tests to see if their nRF chips are vulnerable?
Thank you
Tom
Thanks for the info Kenneth. An official statement/communication in the form of an Informational Notice or similar would be very much appreciated though.
In response to brindusa below you mention "Nordic is not documented as an affected platform" and "The fact that our devices and software are unaffected is evidenced in the fact we are not identified in the CVEs". I don't agree with that. It could be a false negative, because I can't find in the article (https://asset-group.github.io/disclosures/sweyntooth/sweyntooth.pdf) that Nordic chips were subjected to the same attacks/tests.
Did Nordic perform their own tests to see if their nRF chips are vulnerable?
Thank you
Tom
tomschreurs said:Did Nordic perform their own tests to see if their nRF chips are vulnerable?
Yes, Nordic has both inspected source code and run the attack tools to double confirm all findings.