Telink white logo with Telink word in small size

We noticed you are using Internet Explorer.

We recommend updating to Microsoft Edge to receive the best experience of our website.

Click here to download the Microsoft Edge Browser.

Telink white logo with Telink word
Rotate your device top arrow

PLEASE ROTATE ME

Rotate your device bottom arrow
Preloader image
loading...
Telink white logo with Telink word in small size

Addressing the SweynTooth Vulnerabilities

March 11, 2020

Visualization of Bluetooth logo

A group of vulnerabilities in Bluetooth Low Energy (BLE) software development kits (SDK) has recently attracted the attention of Bluetooth developers. Collectively known as SweynTooth, these vulnerabilities can be used to compromise various smart devices.

First brought to light by Singapore University of Technology and Design’s (SUTD) Matheus E. Garbelini, Sudipta Chattopadhyay, and Chundong Wang, SweynTooth enables hackers to crash affected devices, force devices to deadlock or restart, or bypass BLE’s secure pairing mode to access functions reserved for authenticated users. SweynTooth may affect wearables, IoT products in smart homes, and devices designed for environmental tracking or sensing. Several medical and logistics products have been identified as likely to be vulnerable, as well.

Even though we now understand the underlying principles of the SweynTooth vulnerabilities, it is fair to ask, “Are my products at risk if they are built on Telink BLE chips?” According to a test list published by the SUTD researchers (see below), as long as your devices are using the listed SDK versions (or later SDK versions), they will not be vulnerable to SweynTooth.

Table credit: SUTD researchers via GitHub

If your products are using an SDK version that is earlier than the listed version, it is recommended that you perform a thorough vulnerability assessment on each product. If necessary, you can address any vulnerabilities you identify through over-the-air (OTA) updates (or a number of other methods).

Fortunately, not only do all major Telink BLE chips on the market have built-in Flash and support OTA updates, but Telink has integrated mature, stable OTA codes into all our SDKs, meaning Bluetooth developers can use them with full confidence.

Telink recognizes that security is of the utmost importance when it comes to IoT products. We are also committed to delivering extensive chip design capabilities and a rich chip design experience, and are an industry leader in the research and development of multi-mode IoT chips. Accordingly, we will continue to provide customers with IoT chips that are high-performing, secure, and reliable, helping companies quickly launch new products and establish long-term, mutually beneficial cooperative relationships with their own customers.