According to security specialists, flaws in wireless chip designs might allow malevolent hackers to steal data and passwords from devices. Attackers might use “wireless coexistence” or shared component characteristics on millions of mobile devices, as per researchers from the Technical University of Darmstadt’s Secure Mobile Networking Group (Germany) and the University of Brescia’s CNIT (Italy).
Radio components with shared resources, combination chips, and System on a Chip (SoC) architectures are often used in wireless devices. These SoCs control multiple radio interfaces, such as Bluetooth, Wi-Fi, LTE (4G), and 5G.
According to researchers, these interfaces generally share components such as memory and resources like antennas and wireless airwaves. Designers use wireless coexistence to facilitate resource sharing and improve network performance. They cause security problems that are difficult, if not impossible, to fix.
While SoCs are continually tuned for energy efficiency, fast throughput, and low latency communication, the researchers caution that security hasn’t always been a top priority.
In experiments, researchers created a mobile test rig for about $100 and used a Bluetooth connection to extract network passwords and alter traffic on a Wi-Fi chip in an over-the-air attack. They claim that coexistence attacks allow for a new sort of lateral privilege escalation across chip boundaries.
The researchers constructed a proof-of-concept using Silicon Labs, Broadcomm, and Cypress technology to exploit shared resources. The researchers discovered nine CVEs, which informed chipmakers and the Bluetooth SIG and other coexistence interface manufacturers.
Attackers can elevate privileges from one wireless chip or core to another. On the other hand, serial coexistence methods can leak data across wireless chips, revealing packet kinds and activities. They discovered that malicious hackers might get keypress timings from a Bluetooth device to deduce passwords and password lengths. This research paper has further information on the study.