Threat Category: Network Threats: Bluetooth
Threat Description: An attacker may be able to force or entice a Bluetooth device to participate in Just Works SSP, which is susceptible to MiTM attacks.
Guide to Bluetooth Security: Draft NIST SP 800-121rev2 1
To reduce opportunity for this attack, disable Bluetooth when that feature is not in use.Enterprise
Use EMM/MDM solutions in combination with devices that successfully enforce a policy inhibit Just Works functionality or disable Bluetooth entirely, as appropriate.
J. Padgette et. al, Guide to Bluetooth Security, Draft SP 800-121 rev. 2, National Institute of Standards and Technology, 2016; http://csrc.nist.gov/publications/drafts/800-121/sp800_121_r2_draft.pdf [accessed 12/07/2016] ↩