During an on-site penetration test, you plan to evaluate whether several legacy Android 6.0 smartphones are susceptible to the BlueBorne vulnerability (CVE-2017-0785) that allows unauthenticated remote code execution over Bluetooth. Given the attack's requirements, which single precondition must actually be satisfied before you can attempt exploitation?
The target device remains in Bluetooth discoverable mode for the duration of the attack.
The attacker has obtained the target's Bluetooth pairing PIN or passkey in advance.
The victim manually accepts an incoming Bluetooth file-transfer or pairing request.
The target device's Bluetooth radio is turned on and the attacker is within wireless range.
BlueBorne abuses flaws in the Bluetooth implementation (L2CAP and SDP) to achieve code execution without any prior pairing or user interaction. The only condition is that the victim's Bluetooth radio is active and close enough for a link-layer connection. Devices do not need to be in discoverable mode, no PIN is required, and the user is not prompted to accept any action, making the attack completely invisible once Bluetooth is enabled.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Can you explain more about what the BlueBorne vulnerability (CVE-2017-0785) is?
Open an interactive chat with Bash
Why is Bluetooth discoverable mode not necessary for BlueBorne attacks?
Open an interactive chat with Bash
How does proximity factor into BlueBorne attacks?
Open an interactive chat with Bash
What is the BlueBorne vulnerability?
Open an interactive chat with Bash
How does L2CAP and SDP contribute to the BlueBorne vulnerability?
Open an interactive chat with Bash
What precautions can mitigate the risk of BlueBorne?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Wireless Network Hacking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .