Support Announcements
D-Link products unaffected by BLURtooth :: CVE-2020-15802 :: Bluetooth LE or BR/EDR Standards are suseptible to Man-In-the-Middle security exploit.

D-Link has been informed of a vulnerability called BLURtooth that could potentially allow for key overwrite attacks on devices supporting Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD). D-Link has immediately investigated and confirmed that D-Link products are not affected by this vulnerability.

 

D-Link’s Bluetooth-supported products use a proprietary encryption mechanism as a security measure. Additionally, the products only use Bluetooth during initial product setup, after which it is closed. Therefore, D-Link confirms that their products are not affected by BLURtooth. As soon as Bluetooth SIG has updates, D-Link will upgrade their products accordingly to ensure the safety and privacy of their products and users.  

 

References:

  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15802
  • https://gizmodo.com/bluetooth-unveils-its-latest-security-issue-with-no-se-1845013709
  • https://www.kb.cert.org/vuls/id/589825