https://vulnerability.circl.lu/sightings/feed 2026-05-28T17:56:42.839314+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/084da1ae-f4ed-4d54-87ce-dc9771ab765f/export 2026-05-28T17:56:43.134326+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "084da1ae-f4ed-4d54-87ce-dc9771ab765f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24023", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/250", "content": "\ud83c\udf10\u0412\u0435\u043a\u0442\u043e\u0440\u044b \u0430\u0442\u0430\u043a\u0438 BLUFFS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c Bluetooth-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f\n\n\ud83d\udd30\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Eurecom \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0448\u0435\u0441\u0442\u044c \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u043a\u0442\u043e\u0440\u043e\u0432 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0435 \u043e\u0431\u0449\u0435\u0435 \u0438\u043c\u044f - \"BLUFFS\"\n\n\ud83d\udd30\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u0443\u044e \u0438\u043b\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e, \u0430 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u044b\u043c\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438\n\n\ud83d\udd30\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u043b\u0438 \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2023-24023. \u0422\u0430\u043a\u0436\u0435 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0430 GitHub\n\n#cve #exploit #itnews #infosec", "creation_timestamp": "2023-11-30T04:21:34.000000Z"} 2023-11-30T04:21:34+00:00 https://vulnerability.circl.lu/sighting/8fa6e407-b13d-4836-b11f-de03fafa652e/export 2026-05-28T17:56:43.134230+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "8fa6e407-b13d-4836-b11f-de03fafa652e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24023", "type": "seen", "source": "https://t.me/arpsyndicate/797", "content": "#ExploitObserverAlert\n\nCVE-2023-24023\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-24023. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.", "creation_timestamp": "2023-11-30T08:09:16.000000Z"} 2023-11-30T08:09:16+00:00 https://vulnerability.circl.lu/sighting/81114d4f-647b-4fae-bae8-2f8103407336/export 2026-05-28T17:56:43.134126+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "81114d4f-647b-4fae-bae8-2f8103407336", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24023", "type": "seen", "source": "https://t.me/KomunitiSiber/1163", "content": "New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks\nhttps://thehackernews.com/2023/12/new-bluffs-bluetooth-attack-expose.html\n\nNew research has unearthed multiple novel attacks that break Bluetooth Classic's forward secrecy and future secrecy guarantees, resulting in adversary-in-the-middle (AitM) scenarios between two already connected peers.\nThe issues, collectively named\u00a0BLUFFS, impact Bluetooth Core Specification 4.2 through 5.4. They are tracked under the identifier\u00a0CVE-2023-24023\u00a0(CVSS score: 6.8)", "creation_timestamp": "2023-12-04T14:39:50.000000Z"} 2023-12-04T14:39:50+00:00 https://vulnerability.circl.lu/sighting/7813ae99-12d4-4edd-a96d-e5ced88a5bfd/export 2026-05-28T17:56:43.134036+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "7813ae99-12d4-4edd-a96d-e5ced88a5bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24023", "type": "seen", "source": "Telegram/JGrJi7354Zsxe4reHBOo4HZmWo5_8soB36eErO0lGRXcYw", "content": "", "creation_timestamp": "2023-12-04T14:45:10.000000Z"} 2023-12-04T14:45:10+00:00 https://vulnerability.circl.lu/sighting/f8912732-63a8-4c80-b65d-0a1a2fe35f4e/export 2026-05-28T17:56:43.133921+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "f8912732-63a8-4c80-b65d-0a1a2fe35f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24023", "type": "published-proof-of-concept", "source": "https://t.me/cultofwire/1140", "content": "Newly discovered Bluetooth security flaws reveals all devices launched after 2014 can be hacked\n\n\u041f\u0440\u0438\u0448\u043b\u0430 \u0431\u0435\u0434\u0430 \u043e\u0442\u043a\u0443\u0434\u0430 \u043d\u0435 \u0436\u0434\u0430\u043b\u0438. (\u043d\u0435\u0442)\n\n\u0412\u0441\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 Bluetooth \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435 2014 \u0433\u043e\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b:\n- \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Bluetooth, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0432\u044b\u0434\u0430\u0432\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 \"\u0447\u0435\u043b\u043e\u0432\u0435\u043a \u043f\u043e\u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435\".\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 Bluetooth 4.2 \u0438 Bluetooth 5.4, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u043e\u0443\u0442\u0431\u0443\u043a\u0438, \u041f\u041a, \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d\u044b, \u043f\u043b\u0430\u043d\u0448\u0435\u0442\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435.\n- \u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0430 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432\u043d\u0435\u0441\u0435\u043d\u0438\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c, \u043d\u043e\u0432\u043e\u0441\u0442\u044c \u043f\u043b\u043e\u0445\u0430\u044f, \u043d\u043e \u043d\u0435 \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u0430\u044f. Bluetooth \u043a\u0430\u043a \u0441\u0435\u0442\u044c \u043a\u0440\u0430\u0439\u043d\u0435 \u043c\u0430\u043b\u043e\u0433\u043e \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u043e\u0441\u043e\u0431\u043e \u043d\u0435 \u0441\u0435\u043a\u0443\u0440\u0438\u043b\u0430\u0441\u044c. \u041d\u043e \u043c\u0430\u0441\u0448\u0442\u0430\u0431 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u043e \u043f\u043e\u0440\u0430\u0436\u0430\u0435\u0442, \u044d\u0442\u043e\u0433\u043e \u043d\u0435 \u043e\u0442\u043d\u044f\u0442\u044c.\n\nWhitepapper \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f: https://dl.acm.org/doi/pdf/10.1145/3576915.3623066\nGithub \u0441 PoC: https://github.com/francozappa/bluffs\nCVE: https://nvd.nist.gov/vuln/detail/CVE-2023-24023", "creation_timestamp": "2023-12-06T11:21:00.000000Z"} 2023-12-06T11:21:00+00:00 https://vulnerability.circl.lu/sighting/f003476f-d453-425d-a6f1-35a459920d1b/export 2026-05-28T17:56:43.133836+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "f003476f-d453-425d-a6f1-35a459920d1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24023", "type": "seen", "source": "https://t.me/ctinow/155590", "content": "https://ift.tt/adO0sFy\nCVE-2023-24023 | Bluetooth Core Specification up to 5.4 Secure Simple Pairing/Secure Connections Pairing BLUFFS channel accessible", "creation_timestamp": "2023-12-17T12:41:52.000000Z"} 2023-12-17T12:41:52+00:00 https://vulnerability.circl.lu/sighting/00762544-cf24-4aab-9d98-bfea823f6bb3/export 2026-05-28T17:56:43.133729+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "00762544-cf24-4aab-9d98-bfea823f6bb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24023", "type": "seen", "source": "https://t.me/arpsyndicate/1997", "content": "#ExploitObserverAlert\n\nCVE-2023-24023\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-24023. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.2\nNVD-ES: 1.6", "creation_timestamp": "2023-12-18T13:53:55.000000Z"} 2023-12-18T13:53:55+00:00 https://vulnerability.circl.lu/sighting/cd15e069-90f7-4832-a112-cafe3030b3cd/export 2026-05-28T17:56:43.133603+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "cd15e069-90f7-4832-a112-cafe3030b3cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24023", "type": "seen", "source": "https://t.me/arpsyndicate/2958", "content": "#ExploitObserverAlert\n\nCVE-2023-24023\n\nDESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2023-24023. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.2\nNVD-ES: 1.6", "creation_timestamp": "2024-01-20T11:15:18.000000Z"} 2024-01-20T11:15:18+00:00 https://vulnerability.circl.lu/sighting/29487fee-a514-4768-b250-4e916a0bb5f7/export 2026-05-28T17:56:43.132643+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "29487fee-a514-4768-b250-4e916a0bb5f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24023", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/2085", "content": "BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses allow certain man-in-the-middle attacks and live injection (CVE-2023-24023)\nhttps://francozappa.github.io/post/2023/bluffs-ccs23/", "creation_timestamp": "2024-09-13T20:22:35.000000Z"} 2024-09-13T20:22:35+00:00 https://vulnerability.circl.lu/sighting/e78b76aa-367a-4787-8d2f-fb7b17662881/export 2026-05-28T17:56:43.130065+00:00 Alexandre Dulaunoy https://cve.circl.lu/user/adulau {"uuid": "e78b76aa-367a-4787-8d2f-fb7b17662881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-24023", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/92582bf5-d92c-47fe-b891-656d271bbfef", "content": "", "creation_timestamp": "2024-10-14T15:50:35.983245Z"} 2024-10-14T15:50:35.983245+00:00