L4sBot@lemmy.worldB to

Security Operations@lemmy.world · 10 months ago

Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866)

www.mobile-hacker.com

1

16

Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866)

www.mobile-hacker.com

L4sBot@lemmy.worldB to

Security Operations@lemmy.world · 10 months ago

1

Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing - Mobile Hacker

www.mobile-hacker.com

[update 2024-02-19] This vulnerability can be even used to remotely wipe data of targeted Android smartphone. Using this vulnerability it is possible to guess user lock screen PIN. After five incorrect PINs device is locked out for 30 seconds. This operation results in locking user out of its device in a loop. If Auto factory […]

Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866)::A recently discovered critical vulnerabilities (CVE-2023-45866, CVE-2024-21306) in Bluetooth can be exploited to inject keystrokes without user confirmation – by accepting any Bluetooth pairing request. These vulnerabilities affect Android, Linux, macOS, iOS, and Windows operating systems, making it a serious threat to users across different platforms. The vulnerabilities were discovered by Marc Newlin, that also

You must log in or register to comment.

Chat

Kelly@lemmy.world
link
fedilink
English
arrow-up
4·
edit-2
10 months ago

… published prove-of-concept [sic] exploitation scripts. Using these scripts, it is possible to inject keystrokes to any unpatched Android and Linux device in Bluetooth proximity by impersonating Bluetooth keyboard.