Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing - Mobile Hacker
www.mobile-hacker.com
[update 2024-02-19] This vulnerability can be even used to remotely wipe data of targeted Android smartphone. Using this vulnerability it is possible to guess user lock screen PIN. After five incorrect PINs device is locked out for 30 seconds. This operation results in locking user out of its device in a loop. If Auto factory […]

Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866)::A recently discovered critical vulnerabilities (CVE-2023-45866, CVE-2024-21306) in Bluetooth can be exploited to inject keystrokes without user confirmation – by accepting any Bluetooth pairing request. These vulnerabilities affect Android, Linux, macOS, iOS, and Windows operating systems, making it a serious threat to users across different platforms. The vulnerabilities were discovered by Marc Newlin, that also

  • Kelly@lemmy.worldEnglish
    4·
    10 months ago

    … published prove-of-concept [sic] exploitation scripts. Using these scripts, it is possible to inject keystrokes to any unpatched Android and Linux device in Bluetooth proximity by impersonating Bluetooth keyboard.