Bluetooth Vulnerability Exposes Australian Police Locations

Severity: High (Score: 66.5)

Sources: Ia.Acs.Au, Abc.Au

Summary

A security flaw in Bluetooth-enabled tasers and body-worn cameras from Axon allows hackers to track Australian police officers' real-time locations using publicly available apps. A hacker demonstrated this vulnerability by detecting multiple devices in a short period, revealing their latitude, longitude, model, and serial numbers. Despite notifying police and national security agencies about the risk in 2024, the hacker received no response, and police agencies have downplayed the threat. The flaw arises from the lack of MAC address randomization, which is standard in many mobile devices. The hacker claims the vulnerability could facilitate pre-planned attacks on police officers. Victoria Police stated they have not experienced unauthorized tracking incidents, but the lack of action raises concerns about officer safety. The issue highlights a significant gap in operational security for law enforcement agencies across Australia. Key Points: • Axon's tasers and body cameras expose police locations due to Bluetooth security flaws. • A hacker demonstrated the ability to track officers using a simple Android app. • Police agencies have been informed of the risk but have not taken adequate action.

Key Entities

• Data Breach (attack_type)
• Axon Enterprise (company)
• Australia (country)
• CWE-200 - Exposure of Sensitive Information (cwe)
• Government (industry)
• Android (platform)
• Bluetooth (platform)
• Wi-Fi (platform)
• Bluetooth Scanner Units (tool)