Security Operations

570 readers

1 users here now

A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 1 year ago

MODERATORS

L3s

Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866) (www.mobile-hacker.com)

submitted 10 months ago by L4s to c/secops

1 comments fedilink hide all child comments

Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866)::A recently discovered critical vulnerabilities (CVE-2023-45866, CVE-2024-21306) in Bluetooth can be exploited to inject keystrokes without user confirmation – by accepting any Bluetooth pairing request. These vulnerabilities affect Android, Linux, macOS, iOS, and Windows operating systems, making it a serious threat to users across different platforms. The vulnerabilities were discovered by Marc Newlin, that also

you are viewing a single comment's thread
view the rest of the comments

[–] Kelly 4 points 10 months ago* (last edited 10 months ago)

... published prove-of-concept [sic] exploitation scripts. Using these scripts, it is possible to inject keystrokes to any unpatched Android and Linux device in Bluetooth proximity by impersonating Bluetooth keyboard.