CyberSecurityBoard
Sponsor Register Login

Android, Linux, Apple Devices Exposed to Bluetooth Keystroke Injection Attacks

An authentication bypass flaw in the Bluetooth protocol allows attackers to connect to vulnerable devices and inject keystrokes.
The issue, tracked as CVE-2023-45866, enables attackers within Bluetooth range to connect to discoverable hosts without user confirmation, warns software engineer Marc Newlin, who found the bug.
The attack, he notes, can be mounted using a Linux machine and a normal Bluetooth adapter.
An adversary can exploit the vulnerability to perform arbitrary actions, assuming those actions do not require a password or biometric authentication.
Newlin initially identified the flaw in macOS and iOS, which are vulnerable even in Lockdown Mode.
He then found similar vulnerabilities in Android and Linux, and discovered that they were a combination of implementation issues and protocol bugs.
According to the engineer, Android devices running OS iterations all the way back for version 4.2.2 are affected, if they have Bluetooth enabled.
Google has included patches for the vulnerability in the December 2023 Android security updates.
Devices running a 2023-12-05 security patch level - available for Android 11 to 14 - are patched against the flaw.
Ubuntu, Debian, Fedora, Gentoo, Arch and Alpine have announced the fix for the flaw, but only ChromeOS has enabled it to date.
MacOS and iOS are also vulnerable, if Bluetooth is enabled and a Magic Keyboard has been paired.


This Cyber News was published on www.securityweek.com. Publication date: Fri, 08 Dec 2023 12:43:04 +0000


Cyber News related to Android, Linux, Apple Devices Exposed to Bluetooth Keystroke Injection Attacks

Unraveling the Wonders of Bluetooth - Continuing its evolution, Bluetooth 3.0 + HS arrived in 2009, introducing the concept of Bluetooth High Speed, leveraging Wi-Fi technology for faster data transfer over short distances. Bluetooth 4.0, introduced in 2010, marked a significant ...
1 year ago Feeds.dzone.com
Critical Bluetooth Flaw Exposes Android, Apple & Linux Devices to Takeover - Attackers can exploit a critical Bluetooth security vulnerability that's been lurking largely unnoticed for years on macOS, iOS, Android, and Linux device platforms. The keystroke injection vulnerability allows an attacker to control the targeted ...
1 year ago Darkreading.com CVE-2023-45866
CVE-2024-36886 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago
Apple 'Find My' network can be abused to steal keylogged passwords - Apple's "Find My" location network can be abused by malicious actors to stealthily transmit sensitive information captured by keyloggers installed in keyboards. The Find My network and application is designed to help users locate lost or misplaced ...
1 year ago Bleepingcomputer.com
'Wall of Flippers' detects Flipper Zero Bluetooth spam attacks - A new Python project called 'Wall of Flippers' detects Bluetooth spam attacks launched by Flipper Zero and Android devices. By detecting the attacks and identifying their origin, users can take targeted protection measures, and culprits can ...
1 year ago Bleepingcomputer.com
New BLUFFS attack lets attackers hijack Bluetooth connections - Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle attacks. Daniele Antonioli, who discovered the attacks, ...
1 year ago Bleepingcomputer.com CVE-2023-24023
CVE-2024-49950 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix uaf in l2cap_connect [Syzbot reported] BUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949 Read of size 8 ...
4 months ago Tenable.com
CVE-2021-47038 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hci_dev->lock and socket lock Commit eab2404ba798 ("Bluetooth: Add BT_PHY socket option") added a dependency between socket lock and hci_dev->lock ...
1 year ago Tenable.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
11 months ago Cisa.gov
Undocumented commands found in Bluetooth chip used by a billion devices - Armed with this new tool, which enables raw access to Bluetooth traffic, Tarlogic discovered hidden vendor-specific commands (Opcode 0x3F) in the ESP32 Bluetooth firmware that allow low-level control over Bluetooth functions. "Tarlogic Security ...
1 day ago Bleepingcomputer.com
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
11 months ago Cisa.gov
Bluetooth Flaw Let Hackers Takeover of iOS & Android Devices - Bluetooth vulnerabilities in Android, Linux, macOS, iOS, and Windows are critical as hackers could exploit them to gain unauthorized access to the vulnerable devices. Such flaws in Bluetooth protocols enable the threat actors to steal sensitive data, ...
1 year ago Cybersecuritynews.com
Apple and some Linux distros are open to Bluetooth attack The Register - A years-old Bluetooth authentication bypass vulnerability allows miscreants to connect to Apple, Android and Linux devices and inject keystrokes to run arbitrary commands, according to a software engineer at drone technology firm SkySafe. The bug, ...
1 year ago Go.theregister.com CVE-2023-45866
CVE-2024-53208 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync This fixes the following crash: ================================================================== BUG: KASAN: ...
2 months ago Tenable.com
Flipper Zero Bluetooth spam attacks ported to new Android app - Recent Flipper Zero Bluetooth spam attacks have now been ported to an Android app, allowing a much larger number of devices to implement these annoying spam alerts. Inspired by previous research on the topic and Flipper Zero applets targeting iOS ...
1 year ago Bleepingcomputer.com Rocke
BadBox malware disrupted on 500K infected Android devices - The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. HUMAN says it also discovered 24 Android apps in the official app store, ...
4 days ago Bleepingcomputer.com
CVE-2024-58013 - In the Linux kernel, the following vulnerability has been resolved: ...
1 week ago
Android, Linux, Apple Devices Exposed to Bluetooth Keystroke Injection Attacks - An authentication bypass flaw in the Bluetooth protocol allows attackers to connect to vulnerable devices and inject keystrokes. The issue, tracked as CVE-2023-45866, enables attackers within Bluetooth range to connect to discoverable hosts without ...
1 year ago Securityweek.com CVE-2023-45866
Bluetooth Security Flaw Strikes Apple, Linux, and Android Devices - Vulnerabilities in the constantly changing technology landscape present serious risks to the safety of our online lives. A significant Bluetooth security weakness that affects Apple, Linux, and Android devices has recently come to light in the ...
1 year ago Cysecurity.news CVE-2023-45866
Do AirPods Work With Android? - AirPods work well with Android, but the experience may be less satisfying or convenient compared to Apple's ecosystem. Certain features are unavailable such as customizing double-tap functionality and access to Siri voice assistant. One of the best ...
1 year ago Hackercombat.com
Undocumented backdoor found in Bluetooth chip used by a billion devices - "In a context where you can compromise an IOT device with as ESP32 you will be able to hide an APT inside the ESP memory and perform Bluetooth (or Wi-Fi) attacks against other devices, while controlling the device over Wi-Fi/Bluetooth," explained the ...
1 day ago Bleepingcomputer.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Apple Patches Keystroke Injection Vulnerability in Magic Keyboard - Apple this week announced Magic Keyboard firmware updates that patch a vulnerability potentially allowing attackers to inject keystrokes over Bluetooth. The issue was disclosed in December by SkySafe software engineer Marc Newlin, who warned that an ...
1 year ago Securityweek.com CVE-2024-0230
CVE-2024-53207 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible deadlocks This fixes possible deadlocks like the following caused by hci_cmd_sync_dequeue causing the destroy function to run: INFO: task ...
2 months ago Tenable.com
CVE-2024-54460 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Fix circular lock in iso_listen_bis This fixes the circular locking dependency warning below, by releasing the socket lock before enterning iso_listen_bis, to avoid ...
1 month ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)