Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866)::A recently discovered critical vulnerabilities (CVE-2023-45866, CVE-2024-21306) in Bluetooth can be exploited to inject keystrokes without user confirmation – by accepting any Bluetooth pairing request. These vulnerabilities affect Android, Linux, macOS, iOS, and Windows operating systems, making it a serious threat to users across different platforms. The vulnerabilities were discovered by Marc Newlin, that also

  • Kelly@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    10 months ago

    … published prove-of-concept [sic] exploitation scripts. Using these scripts, it is possible to inject keystrokes to any unpatched Android and Linux device in Bluetooth proximity by impersonating Bluetooth keyboard.