PSIRT Advisory

CVE-2019-9506 Encryption Key Negotiation of Bluetooth (KNOB) Vulnerability

Summary

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.


This vulnerability affects only Bluetooth BR/EDR mode (also known as Classic mode) and does not impact Bluetooth LE mode (also known as BLE or Smart mode).

Impact

Information Disclosure

Affected Products

FortiOS is not impacted

FortiAP is not impacted

FortiAnalyzer is not impacted

FortiManager is not impacted

FortiSwitch below 6.4.0 is impacted (*)


* Only FortiSwitch 424E, 426E and 448E series models running 6.0.x and 6.2.x are impacted, and only when their Bluetooth feature has been enabled and used.

Solutions

Upgrade to FortiSwitch 6.4.0


Starting from FortiSwitch 6.4.0, a new CLI option "min-key-length" was added:


config system bluetooth
set min-key-length [length] /* default length value is 7; allowed range is 1 to 16 */
end

The system checks the "pin" length against the min-key-length setting.


Workaround:


For FortiSwitch below 6.4.0, ensure the Bluetooth pairing PIN length is at least 7 characters:


config system bluetooth
set pin xxxxxxx /* ensure pin length >= 7 characters */
end
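
To check saved configurations against the two settings above, the following is an added example (not Fortinet code) that reads a "config system bluetooth" block and reports a pin shorter than 7 characters or a min-key-length below the default of 7. It assumes the configuration text stores the pin in clear text in the form shown in this advisory; the function names and sample configurations are constructed for illustration.

```python
import re

RECOMMENDED_MIN = 7  # advisory: default min-key-length is 7; workaround pin >= 7 chars

def bluetooth_settings(config_text):
    """Collect 'set <name> <value>' pairs inside 'config system bluetooth' ... 'end'."""
    settings, inside = {}, False
    for raw in config_text.splitlines():
        # Drop a trailing /* ... */ annotation like the ones used in the advisory.
        line = re.sub(r"\s*/\*.*?\*/\s*$", "", raw).strip()
        if line == "config system bluetooth":
            inside = True
        elif inside and line == "end":
            inside = False
        elif inside:
            m = re.match(r"set\s+(\S+)\s+(.+)$", line)
            if m:
                settings[m.group(1)] = m.group(2).strip().strip('"')
    return settings

def audit(config_text):
    """Return findings for the Bluetooth block; an empty list means no issue found."""
    s = bluetooth_settings(config_text)
    findings = []
    pin = s.get("pin")
    if pin is not None and len(pin) < RECOMMENDED_MIN:
        findings.append(f"pin has {len(pin)} characters, fewer than {RECOMMENDED_MIN}")
    mkl = s.get("min-key-length")
    if mkl is not None:
        if not mkl.isdigit() or not 1 <= int(mkl) <= 16:
            findings.append(f"min-key-length '{mkl}' is not a value from 1 to 16")
        elif int(mkl) < RECOMMENDED_MIN:
            findings.append(f"min-key-length {mkl} is below the default of {RECOMMENDED_MIN}")
    return findings

# Constructed sample configurations (not taken from a real device).
WEAK = """config system bluetooth
    set pin 1234
    set min-key-length 4
end
"""
GOOD = """config system bluetooth
    set pin 83512094
    set min-key-length 7
end
"""

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("GOOD", GOOD)):
        print(name, audit(text) or "ok")
```

The findings report only the pin length, never the pin itself, so the output can be kept in audit records.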


Revision History:

2020-04-17 Initial Version

2020-04-23 Detailed the impacted FortiSwitch models and conditions.