Using BlueDucky to demo the Bluetooth vulnerability CVE-2023-45866: HID injection with DuckyScript and a SENA Bluetooth adapter.
CVE-2023-45866 allows attackers to remotely control Android phones (and other devices) without pairing. The vulnerability is in Bluetooth HID Hosts in BlueZ, which may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports. This could potentially allow the injection of HID messages without any user interaction from the Central role to authorize such access. An example of an affected package is BlueZ 5.64-0ubuntu1 in Ubuntu 22.04 LTS. Note: In some cases, the CVE-2020-0556 mitigation may have already addressed this Bluetooth HID Hosts issue.
Mitigation Steps:
Upgrade your phone/install security patches: Ensure your Android device is updated to Android 11 or later. Unfortunately, earlier versions (Android 10 and earlier) cannot be patched.
Pairing mode caution: For the script to discover the MAC address of the phone, the phone needs to be in pairing mode.
Turn off Bluetooth when not in use: To minimize risk, disable Bluetooth if it is not actively being used.
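A host-side check to go with the mitigation steps, as an added example that is not from the video or the BlueDucky project: it reads a BlueZ input.conf and reports whether HID connections are limited to bonded devices. It assumes the relevant setting is ClassicBondedOnly in the [General] section of /etc/bluetooth/input.conf; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: report how BlueZ's input plugin treats HID connections
# from devices that are not bonded.
# Assumption: the setting is ClassicBondedOnly under [General] in input.conf.

# classic_bonded_only FILE -> prints "enforced", "disabled" or "unset".
# If the key is repeated, the last uncommented value is reported.
classic_bonded_only() {
    awk '
        /^[ \t]*[#;]/ { next }                     # skip comment lines
        /^[ \t]*\[/   { in_general = ($0 ~ /^[ \t]*\[General\][ \t]*$/); next }
        in_general && /^[ \t]*ClassicBondedOnly[ \t]*=/ {
            val = $0
            sub(/^[^=]*=[ \t]*/, "", val)          # keep the text after "="
            sub(/[ \t\r]+$/, "", val)              # trim trailing blanks
            state = (tolower(val) == "true") ? "enforced" : "disabled"
        }
        END { print (state == "" ? "unset" : state) }
    ' "$1"
}

# report FILE -> one human-readable line for the given config file.
report() {
    case "$(classic_bonded_only "$1")" in
        enforced) echo "$1: ClassicBondedOnly=true, HID limited to bonded devices" ;;
        disabled) echo "$1: ClassicBondedOnly is not true, unbonded HID devices may connect" ;;
        unset)    echo "$1: ClassicBondedOnly not set, behaviour follows the installed BlueZ default" ;;
    esac
}

# Constructed sample config, not taken from a real host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[General]
#ClassicBondedOnly=true
IdleTimeout=30
ClassicBondedOnly=false
EOF
report "$sample"
rm -f "$sample"

# Check the real file when it exists on this machine.
if [ -r /etc/bluetooth/input.conf ]; then
    report /etc/bluetooth/input.conf
fi
```

An "unset" result is not a pass on its own: whether the built-in default restricts HID to bonded devices depends on the installed BlueZ package, so confirm the distribution's security update is applied.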
Android Bluetooth Hacking