UniKey Technologies, Inc. collaborated with leading IoT security company, Armis for a quick response to potentially compromised device security
In November of 2018, Armis, the enterprise IoT security company, announced they had identified vulnerabilities related to Bluetooth Low Energy (BLE) chips made by Texas Instruments (TI), known as BLEEDINGBIT. Since these affected BLE radio components were used in some UniKey reference designs and products, UniKey worked closely with TI and Armis to implement immediate corrective action. Though there is relatively low exposure from a security risk standpoint and any executed attack is recoverable without permanent damage to the devices, UniKey still found it prudent to be meticulous and thorough in response.
UniKey’s security architecture inherently distrusts system components outside of our direct control, including the BLE software stack running on third-party components. Due to this, the vulnerability cannot be exploited to initiate locking or unlocking of any UniKey powered devices. In addition, all UniKey products support encrypted, over-the-air firmware updates. As security is UniKey’s main priority, the company took immediate action to push out a patch and worked with its partners to distribute the necessary software updates to the potentially impacted products.
UniKey is constantly looking for ways to improve the at-door experience, while always keeping security top of mind. Through new advancements in technology and collaborations with organizations such as Armis, UniKey continues to enhance the security of its platform offering.
To find out more about the vulnerability, please visit https://armis.com/bleedingbit/.
For any UniKey related questions or concerns, please contact us at firstname.lastname@example.org.