CTOnews.com December 8, SkySafe researcher Marc Newlin released a GitHub blog post on December 6, revealing a high-risk Bluetooth vulnerability that affects Android, iOS, Linux and macOS devices.
The vulnerability tracking number, CVE-2023-45866, is an identity bypass vulnerability that dates back to 2012, which allows attackers to trick the Bluetooth host state without user confirmation, pairing fake keyboards, and injecting attacks to execute code as victims.
Newlin said that in the Bluetooth specification, the underlying pairing mechanism is unauthenticated and can be exploited by attackers. He said the full details of the vulnerability and proof-of-concept scripts would be publicly demonstrated at subsequent meetings.
Emily Phelps (Emily Phelps), director of Cyware, said attackers could use the vulnerability to remotely control the victim's device without authentication, depending on the system, downloading applications, sending messages or running commands.
CTOnews.com previously reported that Google's December Android security update had fixed the CVE-2023-45866 vulnerability. In addition, for more detailed information about the vulnerability, you can visit GitHub blog posts.
"Google December update fixes a" key "vulnerability: arbitrary code can be executed remotely without user interaction"
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
On November 16, Qualcomm officially launched a new generation of flagship mobile platform Snapdragon 8 Gen 2 at the 2022 Snapdragon Technology Summit. As the standard computing platform for the next generation of flagship smartphones, Snapdragon 8 Gen 2 integrates many industry-leading technological innovations.
Thanks to CTOnews.com netizens Xiao Zhan cut, South China Daniel Wu's clue delivery! CTOnews.com news on March 21, foreign science and technology media NotebookCheck reported, according to reliable sources RGCloudS shared
CTOnews.com, 11 / 11 / PRNewswire-FirstCall-Asianet /-- according to Business Insider, there are almost no competitors' ads placed on Apple's product search results pages and product pages on Amazon. Photo Source: disclosed in the Insider report
Thank CTOnews.com netizens for the delivery of suitcase clues! CTOnews.com news on February 2, the OZ 300mm F4.0 IS PRO lens recently ushered in a Ver1.6 firmware upgrade, which improved the recovery of lens hibernation
CTOnews.com, April 24 (Xinhua) Tesla is a well-known electric car manufacturer, but its CEO Elon Musk is not just a car tycoon. He also serves as SpaceX, a space exploration company, and Neural, a brain-computer interface company.