Security News > 2023 > December > New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices

New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices
2023-12-07 11:46

A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices. Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim. "Multiple Bluetooth stacks have authentication bypass


News URL

https://thehackernews.com/2023/12/new-bluetooth-flaw-let-hackers-take.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-12-08 CVE-2023-45866 Improper Authentication vulnerability in multiple products
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access.
6.3

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2532 1569 67 4232
Bluetooth 4 0 9 7 0 16