Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account


New Bluetooth vulnerability exposed: dating back to 2012, attackers can remotely take over devices

2024-02-27 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > IT Information >


Shulou( Report-- December 8, SkySafe researcher Marc Newlin released a GitHub blog post on December 6, revealing a high-risk Bluetooth vulnerability that affects Android, iOS, Linux and macOS devices.

The vulnerability tracking number, CVE-2023-45866, is an identity bypass vulnerability that dates back to 2012, which allows attackers to trick the Bluetooth host state without user confirmation, pairing fake keyboards, and injecting attacks to execute code as victims.

Newlin said that in the Bluetooth specification, the underlying pairing mechanism is unauthenticated and can be exploited by attackers. He said the full details of the vulnerability and proof-of-concept scripts would be publicly demonstrated at subsequent meetings.

Emily Phelps (Emily Phelps), director of Cyware, said attackers could use the vulnerability to remotely control the victim's device without authentication, depending on the system, downloading applications, sending messages or running commands. previously reported that Google's December Android security update had fixed the CVE-2023-45866 vulnerability. In addition, for more detailed information about the vulnerability, you can visit GitHub blog posts.

Related readings:

"Google December update fixes a" key "vulnerability: arbitrary code can be executed remotely without user interaction"

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

IT Information


© 2024 SLNews company. All rights reserved.