Silent Intruders: Unveiling Security Flaws in BLE Smart Locks

Published: 2025, Last Modified: 27 Jan 2026. IEEE Trans. Consumer Electron. 2025. License: CC BY-SA 4.0
Abstract: Smart locks are increasingly deployed as critical consumer electronics in smart city environments, offering keyless access and remote management through Bluetooth Low Energy (BLE). Their widespread use across diverse spatial and temporal contexts introduces unique security challenges that remain underexplored. In this work, we conduct a comprehensive analysis of prior CVEs, academic studies, and technical reports to summarize seven established attack vectors. Additionally, we uncover three novel threats (Compromise of Shareable Access Credentials, SDK Exploitation, and Time-Reset Replay), exposing critical but previously overlooked flaws. Our comprehensive evaluation of 18 commercial BLE smart locks reveals that 14 devices remain vulnerable to attacks, affecting over 20 million users. These attacks enable unauthorized access, service denial, and logging bypass—even on devices claiming advanced security. To mitigate such risks, we propose DGCSafe, a lightweight, OTA-updatable architecture tailored for constrained IoT devices. DGCSafe incorporates context-aware defenses and supports temporal state validation. Formal verification and real-world testing confirm its effectiveness. Our work provides actionable insights into securing smart lock deployments and demonstrates the importance of intelligent analytics for safeguarding consumer electronics in smart city infrastructures.