As an active member of Bluetooth Special Interest Group (Bluetooth SIG), Cypress keeps up with latest developments and security concerns.
On August 15, 2019, researchers publicized a vulnerability, called the Key Negotiation Of Bluetooth (KNOB) attack, that attacks the encryption key negotiation protocol of Bluetooth BR/EDR. Cypress has analyzed the announcement, supporting documentation, and subsequent recommendations.
Cypress is committed to wireless communication security and to incorporating relevant security recommendations for Bluetooth in future software releases. We encourage our customers to contact their sales and applications representatives with any questions.
Cypress thanks the researchers for their responsible reporting of this issue. If you believe you have identified a vulnerability in any Cypress product, please visit our security response page and email the Product Security Incident Response Team (PSIRT) at psirt@cypress.com.
