VDB
ALAS2-2024-2386
ALAS2-2024-2386
PUBLISHED
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | bluez |
Exploit Intelligence
- EDSEC_BKIF is a keystroke injection tool for Android, Linux, and iOS. With the help of CVE-2023-45866, it grants users unprecedented control over targeted systems, enabling various functions from keystroke injection to advanced system manipulations. (github-poc-repo)
- EDSEC_BKIF is a keystroke injection tool for Android, Linux, and iOS. With the help of CVE-2023-45866, it grants users unprecedented control over targeted systems, enabling various functions from keystroke injection to advanced system manipulations. (github-poc)
- CVE-2023-45866 (github-poc-repo)
- Exploits Tested in Mi A2 Lite and Realme 2 pro (github-poc-repo)
- Chedrian07/CVE-2023-45866-POC (github-poc-repo)
- Exploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306) (github-poc-repo)
- Rust implementation of Marc Newlin's keystroke injection proof of concept (CVE-2023-45866). (github-poc-repo)
- BlueDucky exploits a Bluetooth vulnerability, specifically CVE-2023-45866, which allows an attacker to inject keystrokes into a target device. The attacker's device impersonates a Bluetooth keyboard to establish an encrypted connection without user authorization. The BlueDucky tool automates this process (github-poc-repo)
- 🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard) (github-poc-repo)
- BlueDucky exploits a Bluetooth vulnerability, specifically CVE-2023-45866, which allows an attacker to inject keystrokes into a target device. The attacker's device impersonates a Bluetooth keyboard to establish an encrypted connection without user authorization. The BlueDucky tool automates this process (github-poc)
…and 17 more exploits
Timeline
- Jan 9, 2024 CVE Published
References
- ALAS2-2024-2386: bluez (important) advisory