CAPEC-666
Alerte pour un CAPEC
Stay informed of any changes for a specific CAPEC.
Description
An adversary uses Bluetooth flooding to transfer large packets to Bluetooth enabled devices over the L2CAP protocol with the goal of creating a DoS. This attack must be carried out within close proximity to a Bluetooth enabled device.
Informations
Execution Flow
1) Explore
[Scan for Bluetooth Enabled Devices] Using BlueZ along with an antenna, an adversary searches for devices with Bluetooth on.
Technique
- Note the MAC address of the device you want to attack.
2) Experiment
[Change L2CAP Packet Length] The adversary must change the L2CAP packet length to create packets that will overwhelm a Bluetooth enabled device.
Technique
- An adversary downloads and installs BlueZ, the standard Bluetooth utility package for Linux.
3) Exploit
[Flood] An adversary sends the packets to the target device, and floods it until performance is degraded.
Prerequisites
The system/application has Bluetooth enabled.Skills Required
An adversary only needs a Linux machine along with a Bluetooth adapter, which is extremely common.Mitigations
Disable Bluetooth when not being used.When using Bluetooth, set it to hidden or non-discoverable mode.
Related Weaknesses
| Weakness Name | |
|---|---|
| Improper Resource Shutdown or Release The product does not release or incorrectly releases a resource before it is made available for re-use. |
References
REF-655
What is BlueSmack Attack?Amrita Mitra.
https://www.thesecuritybuddy.com/bluetooth-security/what-is-bluesmack-attack/
Submission
| Name | Organization | Date | Date Release |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modifications
| Name | Organization | Date | Comment |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings |
2025©
tesweb SA
