Published: 12/01/2024 Updated: 19/01/2024

CVSS v3 Base Score: 2.4 | Impact Score: 1.4 | Exploitability Score: 0.9

VMScore: 0

A session management issue was addressed with improved checks. This issue is fixed in Magic Keyboard Firmware Update 2.0.6. An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple magic_keyboard_firmware

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security releases page Apple security documents reference vulnerabilities by CVE-ID whe ...

Hi, My Name is Keyboard This repository contains proof-of-concept scripts for CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230 Additional details can be found in the blog post Proof of Concept Description Android Keystroke Injection Force-pairs a virtual Bluetooth keyboard with a vulnerable Android device and injects 10 seconds of tab keypresses Linux Keystroke Inj

NVD-CWE-noinfo https://support.apple.com/en-us/HT214050 https://nvd.nist.gov https://github.com/marcnewlin/hi_my_name_is_keyboard https://support.apple.com/kb/HT214050

CVE-2024-0230

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect