Security News > 2023 > December > New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices
2023-12-07 11:46
A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices. Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim. "Multiple Bluetooth stacks have authentication bypass
News URL
https://thehackernews.com/2023/12/new-bluetooth-flaw-let-hackers-take.html
Related news
- Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices (source)
- iOS devices face twice the phishing attacks of Android (source)
- SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-08 | CVE-2023-45866 | Improper Authentication vulnerability in multiple products Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. | 6.3 |