BrakTooth
What is BrakTooth?
BrakToothA 2021 family of 16+ Bluetooth Classic vulnerabilities in commercial SoCs disclosed by researchers at the Singapore University of Technology and Design.
BrakTooth is a family of at least 16 vulnerabilities in commercial Bluetooth Classic (BR/EDR) SoC firmware, disclosed in August 2021 by the ASSET research group at the Singapore University of Technology and Design. The flaws were demonstrated in chips from Intel, Qualcomm, Texas Instruments, Cypress (now Infineon), Silicon Labs, and others, affecting an estimated 1,400+ commercial products including laptops, smartphones, and IoT devices. Impacts ranged from denial of service via deadlocks and crashes to arbitrary code execution, with the most severe being CVE-2021-28139 in Espressif ESP32 firmware. Vendors issued staggered patches through 2021 and 2022, but the prevalence of unpatched embedded systems means BrakTooth remains a practical risk in industrial and consumer environments.
● Examples
- 01
Espressif ESP32 RCE via CVE-2021-28139 demonstrated by the ASSET research group.
- 02
Denial-of-service crashes triggered against Intel, Qualcomm, and TI Bluetooth controllers in 2021.
● Frequently asked questions
What is BrakTooth?
A 2021 family of 16+ Bluetooth Classic vulnerabilities in commercial SoCs disclosed by researchers at the Singapore University of Technology and Design. It belongs to the Attacks & Threats category of cybersecurity.
What does BrakTooth mean?
A 2021 family of 16+ Bluetooth Classic vulnerabilities in commercial SoCs disclosed by researchers at the Singapore University of Technology and Design.
How does BrakTooth work?
BrakTooth is a family of at least 16 vulnerabilities in commercial Bluetooth Classic (BR/EDR) SoC firmware, disclosed in August 2021 by the ASSET research group at the Singapore University of Technology and Design. The flaws were demonstrated in chips from Intel, Qualcomm, Texas Instruments, Cypress (now Infineon), Silicon Labs, and others, affecting an estimated 1,400+ commercial products including laptops, smartphones, and IoT devices. Impacts ranged from denial of service via deadlocks and crashes to arbitrary code execution, with the most severe being CVE-2021-28139 in Espressif ESP32 firmware. Vendors issued staggered patches through 2021 and 2022, but the prevalence of unpatched embedded systems means BrakTooth remains a practical risk in industrial and consumer environments.
How do you defend against BrakTooth?
Defences for BrakTooth typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for BrakTooth?
Common alternative names include: BrakTooth family, SUTD ASSET BrakTooth.
● Related terms
- attacks№ 111
BlueBorne
A 2017 set of Bluetooth vulnerabilities discovered by Armis that allowed remote code execution and man-in-the-middle attacks on Android, iOS, Linux, and Windows.
- attacks№ 102
BleedingTooth
A 2020 set of Linux BlueZ Bluetooth vulnerabilities, headlined by CVE-2020-12351, that permitted zero-click remote code execution on vulnerable Linux hosts.
- ot-iot№ 552
IoT Security
The discipline of protecting Internet-of-Things devices, gateways, networks, and cloud services from compromise, given their scale, constrained resources, and long lifetimes.