채팅하기
로더
연결을 설정 중입니다. 연결하는 동안 잠시 기다려 주십시오.

출혈비트 보안 취약점

Zebra LifeGuard 보안 로고

자세한 내용은 다음을 참조하십시오.

Zebra is unaware of any active exploits of this vulnerability. However, we recommend concerned customers update software for the two impacted Zebra products to mitigate the risk of exploitation. No additional LifeGuard updates will be made.

블러딩비트 로고

BLEEDINGBIT is a security vulnerability that affects Bluetooth® low energy (BLE) chips made by Texas Instruments. It consists of two related remote-control exploit issues:

memory corruption condition (CVE-2018-16986) that can occur during processing of incorrect network traffic from the BLE module. A malicious actor who is close to the target device could execute arbitrary code by sending malformed data, or execute a DoS (denial-of-service) condition which could shut down the device.

An Over-The-Air Download (OAD) functionality issue (CVE-2018-7080) that can be triggered only when the relevant BLE radio function is enabled by the device owners (it is disabled by default). A malicious actor could push altered copies of these images to gain control of the device.

영향을 받는 제품

Only the following two BLE badge products are affected. Zebra mobile devices, handheld devices, barcode scanners and printers are not impacted.

Zebra 제품 SKU 설명 업데이트 가능
GE-MB6000-01-WR 모바일 BLE 배지 1월 2019일
GE-MB5000-01-WR 고정 BLE 배지 1월 2019일

Only the above Zebra devices are impacted by CVE-2018-16986 only and CVE-2018-7080 does not apply since the OAD feature in the Texas Instruments’ (TI) CC2640 BLE chip is disabled.  The Zebra devices have an STMicroelectronics Microcontroller Unit (MCU) and BLE chip CC2640.  The MCU firmware is written on CYPRESS WICED SDK.  The firmware of the TI CC2640 is based on TI’s BLE SDK 2.1. The MCU connects to the CC2640 via a UART port. The MCU sends BLE HCI commands to the CC2640, the CC2640 does the BLE scanning continuously, and the CC2640 returns the scanned BLE packets in a predefined format to MCU.

During the scanning process, there is possible memory corruption in the CC2640 per CVE-2018-16986.  If the CC2640 is exploited, it may send garbage data over the UART port to the MCU. The MCU may or may not discard the data, depending on the data itself.  In this manner, the badge could become useless as there is no valid BLE packet data to collect inside the MCU. 

If an attacker wants to gain full control of the device the attacker needs to first gain control of the MCU. The attacker would need to find an enabling vulnerability in WICED SDK and the STM MCU as well. The hacker would then need to attack the MCU through the exploited CC2640 chip via the UART port. The possibility of exploiting the MCU (achieved in conjunction with the exploitation of undiscovered vulnerabilities in both the Wicked SDK and the STM MCU) to gain full control over the device is relatively low.

To avoid the potential of this vulnerability, Zebra must port the CC2640 firmware code to the TI BLE SDK 2.2.2. For new device this updated CC2640 firmware code can be used. For deployed devices the updated CC2640 firmware can be updated over-the-air through the MCU where the MCU pushes the new firmware to CC2640 via UART port.

Disclaimer: Zebra makes every attempt to release security updates on or about the time that Google releases its respective security bulletin. However, delivery time of security updates may vary depending on the region, product model, and third party software suppliers. Under some circumstances, the OS must be updated to the latest maintenance release prior to installing the security updates. Individual product updates will provide specific guidance.

달리 명시되지 않는 한, 새로 보고된 문제로부터 의한 적극적인 고객 착취 또는 남용에 대한 보고는 없었습니다.



Zebra Technologies 제품의 잠재적인 보안 문제를 알고 있습니까?