Security News > 2023 > December > New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices
2023-12-07 11:46
A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices. Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim. "Multiple Bluetooth stacks have authentication bypass
News URL
https://thehackernews.com/2023/12/new-bluetooth-flaw-let-hackers-take.html
Related news
- AWS, Azure auth keys found in Android and iOS apps used by millions (source)
- Millions of Android and iOS users at risk from hardcoded creds in popular apps (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Hackers use macOS extended file attributes to hide malicious code (source)
- Chinese hackers target Linux with new WolfsBane malware (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-08 | CVE-2023-45866 | Improper Authentication vulnerability in multiple products Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. | 6.3 |