On 11th February 2020, the ASSET Group of SUTD released SweynTooth. SweynTooth captures a family of 12 vulnerabilities (more under non-disclosure) across different Bluetooth Low Energy (BLE) software development kits (SDKs) of six major system-on-a-chip (SoC) vendors. The vulnerabilities expose flaws in specific BLE SoC implementations that allow an attacker in radio range to trigger deadlocks, crashes and buffer overflows or completely bypass security depending on the circumstances. Please click the link or drop an email to SweynTooth <the-at-symbol> gmail.com
for details.
The main contributor of SweynTooth is Mr. Matheus E. Garbelini. He is a first-year PhD student of SUTD, working with Dr. Sudipta Chattopadhyay and Chundong.