{"vulnerability": "CVE-2023-4586", "sightings": [{"uuid": "b25eeccc-fab0-4d10-8fcf-589726addd1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lezzfcgyh72n", "content": "", "creation_timestamp": "2025-01-06T01:49:25.183157Z"}, {"uuid": "6cb08655-22df-4330-bb28-8f728ac9b3b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4586", "type": "seen", "source": "https://gist.github.com/ton77v/f9165544cfbf98c8bd1988cbfa7aea95", "content": "", "creation_timestamp": "2025-02-01T05:06:08.000000Z"}, {"uuid": "b0b567b0-8f3b-4c1d-8f1f-fc7c811a3865", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://gist.github.com/abrugsch/479d24786f9c53daff5281d6ff9e2257", "content": "", "creation_timestamp": "2025-02-07T13:30:57.000000Z"}, {"uuid": "25d1a173-7a06-4eb5-aa25-edd08affdf92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45863", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-15", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "296a29c8-45c5-48ad-a0ce-b23583237bff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45863", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "a96205bb-ff88-4646-9f93-4002a458d86f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m342xhucqc26", "content": "", "creation_timestamp": "2025-10-13T20:37:06.731682Z"}, {"uuid": "a5587f42-3594-4afe-87d9-e724a040a6d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12244", "content": "Zero-Day: CVE-2023-45866 and CVE-2024-21306 exploitation.\n\nExploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing.\n\nhttps://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/\n\nhttps://youtu.be/dj1lGqL8lXo", "creation_timestamp": "2024-01-29T04:38:30.000000Z"}, {"uuid": "8645a6dc-b7e2-479e-984c-99ec54b2f41d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/92582bf5-d92c-47fe-b891-656d271bbfef", "content": "", "creation_timestamp": "2024-10-14T15:50:35.983245Z"}, {"uuid": "82b5e239-c487-4d73-830c-e68f4e06cd67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12305", "content": "Zero-Day (via CVE-2023-45866): Exploiting Zero-click Android Bluetooth vulnerability to inject keystrokes without pairing.\n\nhttps://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/", "creation_timestamp": "2024-02-08T14:28:06.000000Z"}, {"uuid": "835a6e3a-588c-4664-a88a-eb87c504dde3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9427", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)\nURL\uff1ahttps://github.com/Danyw24/blueXploit\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-15T03:02:46.000000Z"}, {"uuid": "be5d86cc-1c6f-4525-96e7-5b1875dcebf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "Telegram/Rb4wQk4sv77MPMIFv9GC6iH60q7V6h0ylg0pbuMdA-XU9rk", "content": "", "creation_timestamp": "2025-08-26T21:00:04.000000Z"}, {"uuid": "388c3768-a68a-4d48-95be-5a3951cec217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/itsec_news/3966", "content": "\u200b\u26a1\ufe0fCVE-2024-0230: Apple \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0434\u0432\u0435\u0440\u0438 \u0434\u043b\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a Magic Keyboard\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 \u0434\u043b\u044f Magic Keyboard, \u0447\u0442\u043e\u0431\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2024-0230 (\u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0443\u044e \u043a\u0430\u043a CVE-2023-45866 ), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0434\u0434\u0435\u043b\u044b\u0432\u0430\u0442\u044c Bluetooth-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b.\n\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043d\u0430 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 , \u0445\u043e\u0442\u044f \u043e \u043d\u0435\u0439 \u0441\u0442\u0430\u043b\u043e \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0435\u0449\u0451 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2023 \u0433\u043e\u0434\u0430 .\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u041c\u0430\u0440\u043a \u041d\u044c\u044e\u043b\u0438\u043d, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u044f\u0432\u0438\u043b, \u0447\u0442\u043e \u043e\u043d \u043c\u0435\u0441\u044f\u0446\u0430\u043c\u0438 \u0438\u0437\u0443\u0447\u0430\u043b \u0438 \u0441\u043e\u043e\u0431\u0449\u0430\u043b \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u0445 \u0441 \u043d\u0435\u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u044b\u043c\u0438 Bluetooth-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f\u043c\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 macOS \u0438 iOS.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0435 \u043d\u043e\u043c\u0435\u0440 \u0432\u0435\u0440\u0441\u0438\u0438 2.0.6, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0434\u043b\u044f \u043e\u0431\u044b\u0447\u043d\u043e\u0439 \u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0439 Magic Keyboard, \u043a\u0430\u043a \u0441 Touch ID, \u0442\u0430\u043a \u0438 \u0431\u0435\u0437 \u043d\u0435\u0433\u043e. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f: \u043e\u043d\u043e \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b Magic Keyboard \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 Apple.\n\n\u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0442\u0435\u043c, \u0443 \u043a\u043e\u0433\u043e \u0431\u044b\u043b \u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u044b\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a Bluetooth-\u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u0435, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043a Magic Keyboard, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u043a\u043b\u044e\u0447 \u043f\u0430\u0440\u044b Bluetooth. \u041f\u043e\u043b\u0443\u0447\u0438\u0432 \u0435\u0433\u043e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u043e\u0431\u043c\u0430\u043d\u0443\u0442\u044c \u0445\u043e\u0441\u0442 Bluetooth \u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u0443\u044e \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u0443 \u0431\u0435\u0437 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u043e\u0441\u043b\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u043e\u0439 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b \u043a Mac \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u043f\u043e \u0441\u0432\u043e\u0435\u043c\u0443 \u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0438\u044e \u043d\u0430\u0436\u0438\u043c\u0430\u0442\u044c \u043b\u044e\u0431\u044b\u0435 \u043a\u043b\u0430\u0432\u0438\u0448\u0438. \u0425\u043e\u0442\u044f \u0434\u043b\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u043f\u0430\u0440\u043e\u043b\u044c \u0438\u043b\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0435 Touch ID, \u0442\u0430\u043a\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b \u0443\u0433\u0440\u043e\u0437\u044b, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0432\u0441\u0451 \u0435\u0449\u0451 \u043c\u043e\u0433 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0447\u0438\u0442\u0430\u0442\u044c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u0438 \u0441\u043a\u0430\u0447\u0438\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\u0412\u0432\u043e\u0434\u0438\u043c\u044b\u0435 \u043a\u043b\u0430\u0432\u0438\u0448\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u0437\u0430\u043f\u0443\u0441\u043a \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u0432\u0432\u043e\u0434 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u044b\u0445 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0439, \u0440\u0430\u0437\u0443\u043c\u0435\u0435\u0442\u0441\u044f, \u0431\u044b\u043b\u0438 \u0432\u0438\u0434\u043d\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443, \u0432\u0438\u0434\u0438\u043c\u043e, Apple \u0438 \u043d\u0435 \u0441\u043f\u0435\u0448\u0438\u043b\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u0435 \u043f\u0440\u0438\u0434\u0430\u0432 \u0435\u043c\u0443 \u043e\u0441\u043e\u0431\u043e\u0439 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-01-12T11:00:21.000000Z"}, {"uuid": "02842960-aea8-4fcb-8df3-12b1638ca6e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/752", "content": "https://github.com/Danyw24/blueXploit\n\nExploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)\n#github #exploit", "creation_timestamp": "2024-12-18T10:36:45.000000Z"}, {"uuid": "7aaadd8d-9322-443e-a7f3-a95b8c0b4d97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/BitLenta/22126", "content": "\u041c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, \u0437\u0430\u043a\u0440\u044b\u043b\u0430 Apple, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f iOS, iPadOS, macOS, tvOS, watchOS \u0438 Safari.\n\n\u0421\u044e\u0434\u0430 \u0432\u0445\u043e\u0434\u044f\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f\u00a012 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\u00a0\u0432 iOS \u0438 iPadOS, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 AVEVideoEncoder, ExtensionKit, Find My, ImageIO, Kernel, Safari Private Browsing \u0438 WebKit.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u041a\u0443\u043f\u0435\u0440\u0442\u0438\u043d\u043e, \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 ImageIO, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0430\u044f macOS Sonoma 14.2\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 39 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0448\u0435\u0441\u0442\u044c \u043e\u0448\u0438\u0431\u043e\u043a, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445\u00a0\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 ncurses.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c\u00a0CVE-2023-45866, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 Bluetooth, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0435\u043c\u0443\u0441\u044f \u0432 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0432 \u0441\u0435\u0442\u0438, \u0432\u0432\u0435\u0441\u0442\u0438 \u043d\u0430\u0436\u0430\u0442\u0438\u044f \u043a\u043b\u0430\u0432\u0438\u0448 \u043f\u0443\u0442\u0435\u043c \u043f\u043e\u0434\u043c\u0435\u043d\u044b \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b.\n\n\u041a\u0430\u043a \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0440\u0430\u043d\u0435\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c SkySafe \u041c\u0430\u0440\u043a\u043e\u043c \u041d\u044c\u044e\u043b\u0438\u043d\u043e\u043c \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.\n\n\u041f\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044f\u043c Apple, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 iOS 17.2, iPadOS 17.2 \u0438 macOS Sonoma 14.2 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a.\n\nApple \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 Safari 17.2 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u0432\u0443\u0445 \u043e\u0448\u0438\u0431\u043e\u043a WebKit (CVE-2023-42890 \u0438 CVE-2023-42883), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE \u0438 DoS.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 Mac \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c\u00a0macOS Monterey \u0438 macOS Ventura.\n\niOS 17.2 \u0438 iPadOS 17.2, \u043f\u043e\u043c\u0438\u043c\u043e \u0444\u0438\u043a\u0441\u044b \u043e\u0448\u0438\u0431\u043a\u0438 Siri, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043a\u043b\u044e\u0447\u0430 \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u0430.\n\n\u041e\u043d\u0430 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u0433\u043e\u0432\u043e\u0440\u043e\u0432 \u0432 iMessage \u0438 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 \u0441\u0435\u0440\u0432\u0438\u0441\u0430, \u043f\u0440\u0435\u0436\u0434\u0435 \u0432\u0441\u0435\u0433\u043e, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c \u0441 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438 spyware \u0438 \u0410\u0420\u0422. (secator)", "creation_timestamp": "2023-12-13T14:54:23.000000Z"}, {"uuid": "4baf6221-f583-49a5-9193-dd746b53e2bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/Blackhat_Officials/1000", "content": "#CVE-2023-45866: Unauthenticated #Bluetooth keystroke-injection in Android, Linux, macOS and iOS\n\nhttps://github.com/skysafe/reblog/tree/main/cve-2023-45866", "creation_timestamp": "2023-12-08T11:51:13.000000Z"}, {"uuid": "652df70a-3f2c-4a10-b816-9a34a0bac07c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "Telegram/E1AkTdz8qczGaD0uy3CJuDJMkDxL73vQpCI1bwvPC7UdCQ", "content": "", "creation_timestamp": "2024-01-23T19:55:09.000000Z"}, {"uuid": "cf563010-c27a-45ab-90f2-2129f95309e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/ZeroEthical_Course/2808", "content": "\ud83d\udcf1 BlueDucky is still a relevant tool to scan and identify vulnerable #Bluetooth devices (CVE-2023-45866).\n\nDon't postpone updates of your devices in 2025\u26a0\ufe0f\n\n\ud83d\udda5 Website: \ud83d\udd17 Link\n\n #NetHunter #InfoSec #CyberSecurity #Hacking\n\ud83d\udd39 Share & Support Us \ud83d\udd39\n\ud83d\udcf1 Channel : @ZeroEthical_Course", "creation_timestamp": "2025-01-04T17:43:34.000000Z"}, {"uuid": "7c1b4aa0-104e-4118-91db-808fa989780f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/VasileiadisAnastasis/1173", "content": "\ud83d\udd35Jumping on the #BlueDucky trend. Exploit 0-click Bluetooth vulnerability of unpatched Android smartphone using(CVE-2023-45866)\n\n#android #nethunter #kalinethunter #ble #keystrokeinjection #keystrokeinjectionattack #bluetooth", "creation_timestamp": "2024-06-19T12:18:07.000000Z"}, {"uuid": "521c3b5a-ca88-49d1-af51-6ad22e78dc51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "Telegram/oGhYbaH2ILnkAUqiU3fg2GKy-XHmXR8ZWoHAha2LXbOZ_rQ", "content": "", "creation_timestamp": "2024-04-15T19:28:33.000000Z"}, {"uuid": "29583a9c-a302-40d5-887e-c0447c294cc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/1128", "content": "\u062d\u0642\u0646 \u0636\u063a\u0637\u0627\u062a \u0645\u0641\u0627\u062a\u064a\u062d Bluetooth \u063a\u064a\u0631 \u0645\u0635\u0627\u062f\u0642 \u0639\u0644\u064a\u0647\u0627 \u0641\u064a \u0623\u0646\u0638\u0645\u0629 Android \u0648Linux \u0648macOS \u0648iOS (CVE-2023-45866)\n\n\u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0627\u0644\u0642\u0631\u064a\u0628 \u0627\u0644\u0627\u062a\u0635\u0627\u0644 \u0628\u062c\u0647\u0627\u0632 \u0636\u0639\u064a\u0641 \u0639\u0628\u0631 \u062a\u0642\u0646\u064a\u0629 Bluetooth \u063a\u064a\u0631 \u0645\u0635\u0627\u062f\u0642 \u0639\u0644\u064a\u0647\u0627 \u0648\u0625\u062f\u062e\u0627\u0644 \u0636\u063a\u0637\u0627\u062a \u0627\u0644\u0645\u0641\u0627\u062a\u064a\u062d \u0644\u062a\u062b\u0628\u064a\u062a \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a\u060c \u0648\u062a\u0634\u063a\u064a\u0644 \u0623\u0648\u0627\u0645\u0631 \u0639\u0634\u0648\u0627\u0626\u064a\u0629\u060c \u0648\u0625\u0639\u0627\u062f\u0629 \u062a\u0648\u062c\u064a\u0647 \u0627\u0644\u0631\u0633\u0627\u0626\u0644\u060c \u0648\u0645\u0627 \u0625\u0644\u0649 \u0630\u0644\u0643.\n\nhttps://github.com/skysafe/reblog/tree/main/cve-2023-45866", "creation_timestamp": "2024-03-29T18:32:08.000000Z"}, {"uuid": "ce9b43a0-958f-41db-a815-e969808e8519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "Telegram/QQSaH4YjXAfr5TdcAFuVoHOIqB-6HRS_XByk4aNhAkSfBUHX", "content": "", "creation_timestamp": "2024-03-06T12:55:41.000000Z"}, {"uuid": "ef5f1a07-0655-4fae-8af4-adb682e8c7a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "Telegram/JHLWdvSfm_zPc83f77JXqdWElizNg_1X4ObzkyRNywN0Ig", "content": "", "creation_timestamp": "2024-07-06T12:50:42.000000Z"}, {"uuid": "58f4a634-58c2-4897-b0d5-95fe909464b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/darkcommunityofficial/156", "content": "\u041e\u0442\u043a\u043e\u043f\u0430\u0432 \u043f\u0430\u0440\u043e\u0447\u043a\u0443 0-day \u0432 Apple, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Google \u043f\u0440\u0438\u043d\u044f\u043b\u0438\u0441\u044c \u0437\u0430 Android, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0439 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043d\u043e\u0432\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 zero-click \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Android \u0437\u0430 \u0434\u0435\u043a\u0430\u0431\u0440\u044c 2023 \u0433\u043e\u0434\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 85 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0423\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u0430\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0438\u0437 \u043d\u0438\u0445, CVE-2023-40088, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 Android \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430. \u0415\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438\u043b\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0435\u0435 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CVE-2023-40077, CVE-2023-40076 \u0438 CVE-2023-45866) \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Android Framework \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 CVE-2022-40507 - \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Qualcomm \u0441 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c.\n\n\u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u043d\u0430\u0431\u043e\u0440\u0430 \u043f\u0430\u0442\u0447\u0435\u0439 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f: 2023-12-01 \u0438 2023-12-05. \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0441 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u044f\u0434\u0440\u0430.\n\n\u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0438 \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0431\u044b\u043b\u0438 \u043b\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u044b \u043d\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445. \u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2023-12-05T12:58:09.000000Z"}, {"uuid": "efed865f-9ace-492c-bc94-0d6988ce70d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/176", "content": "#CVE-2023-45866: Unauthenticated #Bluetooth keystroke-injection in Android, Linux, macOS and iOS\n\nhttps://github.com/skysafe/reblog/tree/main/cve-2023-45866", "creation_timestamp": "2023-12-09T09:05:36.000000Z"}, {"uuid": "7bff346b-76d0-40d9-b8b3-644d3932f39d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/172", "content": "#CVE-2023-45866: Unauthenticated #Bluetooth keystroke-injection in Android, Linux, macOS and iOS\n\nhttps://github.com/skysafe/reblog/tree/main/cve-2023-45866", "creation_timestamp": "2023-12-08T11:51:30.000000Z"}, {"uuid": "88d5e7d0-f895-4b06-949d-7a480a572e96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "Telegram/HPqtAobO-PsHSNFoHdxE-uZQN-D3BE-mcvhgVrWInT7_k9o", "content": "", "creation_timestamp": "2024-07-21T14:19:21.000000Z"}, {"uuid": "bf74f4d1-b595-4fe7-9930-d7237c70d14f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "Telegram/1qPJv9QeAomqjspK4mMapmkJVNj8G9JByutUXXcjvgiuQw", "content": "", "creation_timestamp": "2023-12-07T14:33:21.000000Z"}, {"uuid": "81f6b4f5-9e33-4048-ad9b-96ad56e7b321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/arpsyndicate/2854", "content": "#ExploitObserverAlert\n\nCVE-2023-45866\n\nDESCRIPTION: Exploit Observer has 23 entries in 2 file formats related to CVE-2023-45866. Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.\n\nFIRST-EPSS: 0.000640000\nNVD-IS: 3.4\nNVD-ES: 2.8", "creation_timestamp": "2024-01-16T13:29:22.000000Z"}, {"uuid": "dfd1b3e7-dc80-4776-a6b6-009b579af7a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4586", "type": "seen", "source": "https://t.me/arpsyndicate/66", "content": "#ExploitObserverAlert\n\nCVE-2023-4586\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4586. A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack.\n\nFIRST-EPSS: 0.000870000\nNVD-IS: 5.2\nNVD-ES: 2.2", "creation_timestamp": "2023-11-10T22:21:08.000000Z"}, {"uuid": "60ce0227-b5b8-4370-a54b-53c509b4d583", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1431", "content": "#Github #Tools \n\nRed teaming tool to dump LSASS memory, bypassing basic countermeasures.\n\nhttps://github.com/0xdea/blindsight\n\nCVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) \ud83d\udd13 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)\n\nhttps://github.com/pentestfunctions/BlueDucky\n\nFully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts\n\nhttps://github.com/ElJaviLuki/CobaltStrike_OpenBeacon\n\nACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminating the need for tools like accesschk.exe or other non-native binaries.\n\nhttps://github.com/t3l3machus/ACEshark\n\nAims to identify sleeping beacons\n\nhttps://github.com/thefLink/Hunt-Sleeping-Beacons\n\nA Simple JS code to keylogger data and send it to the personal server\n\nhttps://github.com/11whoami99/XSS-keylogger\n\n#HackersForum", "creation_timestamp": "2025-01-10T09:07:18.000000Z"}, {"uuid": "40f0392b-20a8-4561-83e7-82bb5e818b8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4586", "type": "seen", "source": "https://t.me/arpsyndicate/174", "content": "#ExploitObserverAlert\n\nCVE-2023-4586\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4586. A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack.\n\nFIRST-EPSS: 0.000870000\nNVD-IS: 5.2\nNVD-ES: 2.2", "creation_timestamp": "2023-11-13T20:41:52.000000Z"}, {"uuid": "ae124b52-fc1f-45b2-af44-a5a9f1d69729", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/171", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing & Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:10:51.000000Z"}, {"uuid": "ca41e9e6-9061-463f-a325-2b9a99ca1490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/151", "content": "Tools - Hackers Factory\n\nA Keylogger in Rust that Bypasses Almost All AV Engines.\n\n#Infosec #Hacking\n\nhttps://github.com/Whitecat18/Rust-for-Malware-Development/blob/main/keylogger/src/main.rs\n\nA quick and dirty HTTP/S \"organic\" traffic generator.\n\nhttps://github.com/ReconInfoSec/web-traffic-generator\n\nDump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)\n\nhttps://github.com/ricardojoserf/NativeDump\n\n#Infosec #Hacking\n\nThe open source alternative to Tines / Splunk SOAR. Build AI-assisted workflows, orchestrate alerts, and close cases fast.\n\nhttps://github.com/TracecatHQ/tracecat\n\nGourlex is a simple tool that can be used to extract URLs and paths from web pages.\n\nhttps://github.com/trap-bytes/gourlex\n\nCVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) \ud83d\udd13 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)\n\nhttps://github.com/pentestfunctions/BlueDucky\n\nAI Powered Terminal Based Ethical Hacking Assistant\n\nhttps://github.com/berylliumsec/neutron\n\nImportant documents for you to start a Red Team management \n\n- Tools\n- Law Suit\n- Methodologies\n- Tips and Tricks\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management\n\nNetworking Tools\n\nIP camera hacking\nhttps://github.com/kancotdiq/ipcs\n\nTermux Lazyscript tool\nhttps://github.com/TechnicalMujeeb/Termux-Lazyscript\n\nTMscanner Tool\nhttps://github.com/TechnicalMujeeb/TM-scanner\n\nTrace location with IP\nhttps://github.com/rajkumardusad/IP-Tracer\n\n#Networking\n\nNovas URLs adicionas.\n\nhttps://github.com/osintbrazuca/osint-brazuca/\n\nThis script can be used to find html forms in the list of endpoints/urls.\n\nhttps://github.com/dirtycoder0124/form_finder\n\nGet hacking with HuntKit! It's all-in-one toolbox for finding bugs and testing security. Just run the image and start exploring! \n\ngithub.com/mcnamee/huntkit\n\n#BugBounty\n\nA collection of awesome one-liner scripts especially for bug bounty tips.\n\nhttps://github.com/dwisiswant0/awesome-oneliner-bugbounty\n\nScript with several tools to brute force garages, hack radio stations and capture and analyze radio signals with Raspberry Pi\n\nhttps://github.com/Lucstay11/Brute-force-garage-and-hack-rf\nhttps://kalilinuxtutorials.com/brute-force-garage-and-hack-rf-with-raspberry-pi/\n\nDrone Hacking Tool is a GUI tool that works with a USB Wifi adapter and HackRF One for hacking drones.\n\nhttps://github.com/readloud/Drone-Hacking-Tool\n\n#HackersFactory", "creation_timestamp": "2024-06-17T13:58:47.000000Z"}, {"uuid": "aab10d40-f345-4678-a74e-df7edf47e5fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/KomunitiSiber/1184", "content": "New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices\nhttps://thehackernews.com/2023/12/new-bluetooth-flaw-let-hackers-take.html\n\nA critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices.\nTracked as\u00a0CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim.\n\"Multiple Bluetooth stacks have authentication bypass", "creation_timestamp": "2023-12-07T13:14:28.000000Z"}, {"uuid": "2b018df5-27d6-41ce-a7ac-05cb5083ec06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7656", "content": "PoC to takeover Android using another Android by exploiting critical Bluetooth vulnerability to install #Metasploit payload without proper Bluetooth pairing (CVE-2023-45866)\n\nIt still affects Android 10 and bellow\nhttps://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/\n\n#NetHunter", "creation_timestamp": "2024-03-22T09:03:45.000000Z"}, {"uuid": "65bdb6ab-bb55-4264-9e16-0fb88b4f2fd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/9329", "content": "#BlueDucky is still a relevant tool to scan and identify vulnerable #Bluetooth devices (CVE-2023-45866).\n\nDon't postpone updates of your devices in 2025.\n\nhttps://github.com/pentestfunctions/BlueDucky\n\n#NetHunter", "creation_timestamp": "2025-01-04T05:29:30.000000Z"}, {"uuid": "eb884e0c-8410-40a0-98a8-75d63a885921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/27186", "content": "#BlueDucky is still a relevant tool to scan and identify vulnerable #Bluetooth devices (CVE-2023-45866).\n\nDon't postpone updates of your devices in 2025.\n\nhttps://github.com/pentestfunctions/BlueDucky\n\n#NetHunter", "creation_timestamp": "2025-01-04T05:29:43.000000Z"}, {"uuid": "bc70ac48-9273-4a61-8d3b-dd1f06019b6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7936", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing & Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-10T15:23:38.000000Z"}, {"uuid": "179f61c7-fffb-4ffe-b471-29f5219d0347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/20619", "content": "PoC to takeover Android using another Android by exploiting critical Bluetooth vulnerability to install #Metasploit payload without proper Bluetooth pairing (CVE-2023-45866)\n\nIt still affects Android 10 and bellow\nhttps://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/\n\n#NetHunter", "creation_timestamp": "2024-03-22T09:07:09.000000Z"}, {"uuid": "07fa06c4-aa92-4a9f-ad86-fa5e52c3909b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/21924", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing & Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-10T15:23:51.000000Z"}, {"uuid": "3881570c-cd76-4a87-9891-246e1dbc1fab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7875", "content": "#Github #Tools \n\nRed teaming tool to dump LSASS memory, bypassing basic countermeasures.\n\nhttps://github.com/0xdea/blindsight\n\nCVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) \ud83d\udd13 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)\n\nhttps://github.com/pentestfunctions/BlueDucky\n\nFully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts\n\nhttps://github.com/ElJaviLuki/CobaltStrike_OpenBeacon\n\nACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminating the need for tools like accesschk.exe or other non-native binaries.\n\nhttps://github.com/t3l3machus/ACEshark\n\nAims to identify sleeping beacons\n\nhttps://github.com/thefLink/Hunt-Sleeping-Beacons\n\nA Simple JS code to keylogger data and send it to the personal server\n\nhttps://github.com/11whoami99/XSS-keylogger\n\n#HackersForum", "creation_timestamp": "2025-01-10T09:06:03.000000Z"}, {"uuid": "8055c245-5a86-47a6-a3ab-58044ea7dba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3276", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing & Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-10T15:23:08.000000Z"}, {"uuid": "995263c6-963f-4535-8367-6f95981506ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4071", "content": "#Github #Tools \n\nRed teaming tool to dump LSASS memory, bypassing basic countermeasures.\n\nhttps://github.com/0xdea/blindsight\n\nCVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) \ud83d\udd13 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)\n\nhttps://github.com/pentestfunctions/BlueDucky\n\nFully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts\n\nhttps://github.com/ElJaviLuki/CobaltStrike_OpenBeacon\n\nACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminating the need for tools like accesschk.exe or other non-native binaries.\n\nhttps://github.com/t3l3machus/ACEshark\n\nAims to identify sleeping beacons\n\nhttps://github.com/thefLink/Hunt-Sleeping-Beacons\n\nA Simple JS code to keylogger data and send it to the personal server\n\nhttps://github.com/11whoami99/XSS-keylogger\n\n#HackersForum", "creation_timestamp": "2025-01-10T07:38:02.000000Z"}, {"uuid": "9663bc6a-c619-4aee-a8ed-673f05fee18b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3241", "content": "Tools - Hackers Factory\n\nA Keylogger in Rust that Bypasses Almost All AV Engines.\n\n#Infosec #Hacking\n\nhttps://github.com/Whitecat18/Rust-for-Malware-Development/blob/main/keylogger/src/main.rs\n\nA quick and dirty HTTP/S \"organic\" traffic generator.\n\nhttps://github.com/ReconInfoSec/web-traffic-generator\n\nDump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)\n\nhttps://github.com/ricardojoserf/NativeDump\n\n#Infosec #Hacking\n\nThe open source alternative to Tines / Splunk SOAR. Build AI-assisted workflows, orchestrate alerts, and close cases fast.\n\nhttps://github.com/TracecatHQ/tracecat\n\nGourlex is a simple tool that can be used to extract URLs and paths from web pages.\n\nhttps://github.com/trap-bytes/gourlex\n\nCVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) \ud83d\udd13 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)\n\nhttps://github.com/pentestfunctions/BlueDucky\n\nAI Powered Terminal Based Ethical Hacking Assistant\n\nhttps://github.com/berylliumsec/neutron\n\nImportant documents for you to start a Red Team management \n\n- Tools\n- Law Suit\n- Methodologies\n- Tips and Tricks\n\nhttps://github.com/CyberSecurityUP/Red-Team-Management\n\nNetworking Tools\n\nIP camera hacking\nhttps://github.com/kancotdiq/ipcs\n\nTermux Lazyscript tool\nhttps://github.com/TechnicalMujeeb/Termux-Lazyscript\n\nTMscanner Tool\nhttps://github.com/TechnicalMujeeb/TM-scanner\n\nTrace location with IP\nhttps://github.com/rajkumardusad/IP-Tracer\n\n#Networking\n\nNovas URLs adicionas.\n\nhttps://github.com/osintbrazuca/osint-brazuca/\n\nThis script can be used to find html forms in the list of endpoints/urls.\n\nhttps://github.com/dirtycoder0124/form_finder\n\nGet hacking with HuntKit! It's all-in-one toolbox for finding bugs and testing security. Just run the image and start exploring! \n\ngithub.com/mcnamee/huntkit\n\n#BugBounty\n\nA collection of awesome one-liner scripts especially for bug bounty tips.\n\nhttps://github.com/dwisiswant0/awesome-oneliner-bugbounty\n\nScript with several tools to brute force garages, hack radio stations and capture and analyze radio signals with Raspberry Pi\n\nhttps://github.com/Lucstay11/Brute-force-garage-and-hack-rf\nhttps://kalilinuxtutorials.com/brute-force-garage-and-hack-rf-with-raspberry-pi/\n\nDrone Hacking Tool is a GUI tool that works with a USB Wifi adapter and HackRF One for hacking drones.\n\nhttps://github.com/readloud/Drone-Hacking-Tool\n\n#HackersFactory", "creation_timestamp": "2024-04-09T09:14:32.000000Z"}, {"uuid": "571e5cb5-2a9f-4606-bea6-bb11d9c7f731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/395314", "content": "{\n  \"Source\": \"https://exploit.in/\",\n  \"Content\": \"CVE-2023-45866: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Bluetooth \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c Apple \u0438 Linux \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438\", \n  \"author\": \"News Support\",\n  \"Detection Date\": \"08 Dec 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-12-08T18:14:14.000000Z"}, {"uuid": "b7a49f87-6aa3-4ea4-8839-ae24eff2d73a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7822", "content": "#BlueDucky is still a relevant tool to scan and identify vulnerable #Bluetooth devices (CVE-2023-45866).\n\nDon't postpone updates of your devices in 2025.\n\nhttps://github.com/pentestfunctions/BlueDucky\n\n#NetHunter", "creation_timestamp": "2025-01-04T05:29:30.000000Z"}, {"uuid": "deeb0faf-df74-45a4-a6f1-820646e0a85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6715", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing & Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-10T15:23:38.000000Z"}, {"uuid": "dce990a8-2e8f-414f-80e3-58cbccffc28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6508", "content": "PoC to takeover Android using another Android by exploiting critical Bluetooth vulnerability to install #Metasploit payload without proper Bluetooth pairing (CVE-2023-45866)\n\nIt still affects Android 10 and bellow\nhttps://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/\n\n#NetHunter", "creation_timestamp": "2024-03-22T09:03:45.000000Z"}, {"uuid": "aef2607b-1c56-470f-9248-3eb6c14a013d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4586", "type": "seen", "source": "https://t.me/cibsecurity/71553", "content": "\u203c CVE-2023-4586 \u203c\n\nA vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T14:11:48.000000Z"}, {"uuid": "3cf02b18-85e3-4f0b-bc3f-a1cb8e61b4b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/true_secator/5195", "content": "\u041c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, \u0437\u0430\u043a\u0440\u044b\u043b\u0430 Apple, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f iOS, iPadOS, macOS, tvOS, watchOS \u0438 Safari.\n\n\u0421\u044e\u0434\u0430 \u0432\u0445\u043e\u0434\u044f\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f\u00a012 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\u00a0\u0432 iOS \u0438 iPadOS, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 AVEVideoEncoder, ExtensionKit, Find My, ImageIO, Kernel, Safari Private Browsing \u0438 WebKit.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u041a\u0443\u043f\u0435\u0440\u0442\u0438\u043d\u043e, \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 ImageIO, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0430\u044f macOS Sonoma 14.2\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 39 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0448\u0435\u0441\u0442\u044c \u043e\u0448\u0438\u0431\u043e\u043a, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445\u00a0\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 ncurses.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c\u00a0CVE-2023-45866, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 Bluetooth, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0435\u043c\u0443\u0441\u044f \u0432 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0432 \u0441\u0435\u0442\u0438, \u0432\u0432\u0435\u0441\u0442\u0438 \u043d\u0430\u0436\u0430\u0442\u0438\u044f \u043a\u043b\u0430\u0432\u0438\u0448 \u043f\u0443\u0442\u0435\u043c \u043f\u043e\u0434\u043c\u0435\u043d\u044b \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b.\n\n\u041a\u0430\u043a \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0440\u0430\u043d\u0435\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c SkySafe \u041c\u0430\u0440\u043a\u043e\u043c \u041d\u044c\u044e\u043b\u0438\u043d\u043e\u043c \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.\n\n\u041f\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044f\u043c Apple, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 iOS 17.2, iPadOS 17.2 \u0438 macOS Sonoma 14.2 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a.\n\nApple \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 Safari 17.2 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u0432\u0443\u0445 \u043e\u0448\u0438\u0431\u043e\u043a WebKit (CVE-2023-42890 \u0438 CVE-2023-42883), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE \u0438 DoS.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 Mac \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c\u00a0macOS Monterey \u0438 macOS Ventura.\n\niOS 17.2 \u0438 iPadOS 17.2, \u043f\u043e\u043c\u0438\u043c\u043e \u0444\u0438\u043a\u0441\u044b \u043e\u0448\u0438\u0431\u043a\u0438 Siri, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043a\u043b\u044e\u0447\u0430 \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u0430.\n\n\u041e\u043d\u0430 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u0433\u043e\u0432\u043e\u0440\u043e\u0432 \u0432 iMessage \u0438 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 \u0441\u0435\u0440\u0432\u0438\u0441\u0430, \u043f\u0440\u0435\u0436\u0434\u0435 \u0432\u0441\u0435\u0433\u043e, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c \u0441 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438 spyware \u0438 \u0410\u0420\u0422.", "creation_timestamp": "2023-12-13T13:10:05.000000Z"}, {"uuid": "12751b40-916f-4424-9d68-3a8c3416f32e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/true_secator/5162", "content": "\u041e\u0442\u043a\u043e\u043f\u0430\u0432 \u043f\u0430\u0440\u043e\u0447\u043a\u0443 0-day \u0432 Apple, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Google \u043f\u0440\u0438\u043d\u044f\u043b\u0438\u0441\u044c \u0437\u0430 Android, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0439 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043d\u043e\u0432\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 zero-click \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Android \u0437\u0430 \u0434\u0435\u043a\u0430\u0431\u0440\u044c 2023 \u0433\u043e\u0434\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 85 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0423\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u0430\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0438\u0437 \u043d\u0438\u0445, CVE-2023-40088, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 Android \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430. \u0415\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438\u043b\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0435\u0435 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CVE-2023-40077, CVE-2023-40076 \u0438 CVE-2023-45866) \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Android Framework \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 CVE-2022-40507 - \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Qualcomm \u0441 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c.\n\n\u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u043d\u0430\u0431\u043e\u0440\u0430 \u043f\u0430\u0442\u0447\u0435\u0439 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f: 2023-12-01 \u0438 2023-12-05. \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0441 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u044f\u0434\u0440\u0430.\n\n\u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0438 \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0431\u044b\u043b\u0438 \u043b\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u044b \u043d\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445. \u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2023-12-05T10:46:49.000000Z"}, {"uuid": "8a1bf77a-9dc5-4237-a532-6c19420fa547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/true_secator/5177", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Skysafe \u041c\u0430\u0440\u043a \u041d\u044c\u044e\u043b\u0438\u043d \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Bluetooth, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 Android, Linux, macOS \u0438 iOS.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-45866 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0442\u0435\u043a\u043e\u0432 Bluetooth \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u043c\u0443 \u0445\u043e\u0441\u0442\u0443 \u0431\u0435\u0437 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u043d\u0430\u0436\u0430\u0442\u0438\u0439 \u043a\u043b\u0430\u0432\u0438\u0448.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0430\u0442\u0430\u043a\u0430 \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0434\u0443\u043c\u0430\u0442\u044c, \u0447\u0442\u043e \u043e\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043e \u043a \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u0435 Bluetooth, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u043e\u043f\u0440\u044f\u0436\u0435\u043d\u0438\u044f, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u0432 \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Bluetooth.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0435\u043c\u0443\u0441\u044f \u0432 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0431\u043b\u0438\u0437\u043e\u0441\u0442\u0438, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 \u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0430 \u0441 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430 Linux \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0431\u044b\u0447\u043d\u043e\u0433\u043e Bluetooth-\u0430\u0434\u0430\u043f\u0442\u0435\u0440\u0430.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Android (\u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 4.2.2, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2012 \u0433\u043e\u0434\u0430), Linux, iOS \u0438 macOS (\u043a\u043e\u0433\u0434\u0430 Bluetooth \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0438 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u0430 Magic Keyboard \u0441\u043e\u043f\u0440\u044f\u0436\u0435\u043d\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c), \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Apple \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0440\u0435\u0436\u0438\u043c \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438.\n\nGoogle \u0442\u0430\u043a\u0436\u0435 \u0432 \u0441\u0432\u043e\u0435\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e CVE-2023-45866 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 (\u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u043c\u0443/\u0441\u043c\u0435\u0436\u043d\u043e\u043c\u0443) \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435.\n\n\u041f\u043e\u043a\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u043e\u043c\u0430\u043d\u0434\u0430 Android \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. \u041e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0443\u0434\u0443\u0442 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.", "creation_timestamp": "2023-12-08T10:13:58.000000Z"}, {"uuid": "d621759a-51c8-4432-8df3-0b1d7e997082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45860", "type": "seen", "source": "https://t.me/ctinow/203156", "content": "https://ift.tt/yp8c7WR\nCVE-2023-45860 | Hazelcast up to 5.3.4 CSV File Source Connector permission (GHSA-8h4x-xvjp-vf99)", "creation_timestamp": "2024-03-08T08:56:41.000000Z"}, {"uuid": "a32e18ea-0a94-4a48-87f3-dd6989ba75b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45867", "type": "seen", "source": "https://t.me/cibsecurity/72971", "content": "\u203c CVE-2023-45867 \u203c\n\nILIAS (2013-09-12 release) contains a medium-criticality Directory Traversal local file inclusion vulnerability in the ScormAicc module. An attacker with a privileged account, typically holding the tutor role, can exploit this to gain unauthorized access to and potentially retrieve confidential files stored on the web server. The attacker can access files that are readable by the web server user www-data; this may include sensitive configuration files and documents located outside the documentRoot. The vulnerability is exploited by an attacker who manipulates the file parameter in a URL, inserting directory traversal sequences in order to access unauthorized files. This manipulation allows the attacker to retrieve sensitive files, such as /etc/passwd, potentially compromising the system's security. This issue poses a significant risk to confidentiality and is remotely exploitable over the internet.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-26T18:16:03.000000Z"}, {"uuid": "6c4faf6f-176d-4b71-8274-f651d080b0c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45868", "type": "seen", "source": "https://t.me/cibsecurity/72970", "content": "\u203c CVE-2023-45868 \u203c\n\nThe Learning Module in ILIAS 7.25 (2023-09-12 release) allows an attacker (with basic user privileges) to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside the documentRoot, to a publicly accessible location via the PHP function rename(). This results in a total loss of confidentiality, exposing sensitive resources, and potentially denying access to the affected component and the operating system's components. To exploit this, an attacker must manipulate a POST request during the creation of an exercise unit, by modifying the old_name and new_name parameters via directory traversal. However, it's essential to note that, when exploiting this vulnerability, the specified directory will be relocated from its original location, rendering all files obtained from there unavailable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-26T18:16:02.000000Z"}, {"uuid": "65b36d5b-836a-44f7-ad01-db862f26e63b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45869", "type": "seen", "source": "https://t.me/cibsecurity/72963", "content": "\u203c CVE-2023-45869 \u203c\n\nILIAS 7.25 (2023-09-12) allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec() function in the execQuoted() method of the ilUtil class (/Services/Utilities/classes/class.ilUtil.php) This allows attackers to inject malicious commands into the system, potentially compromising the integrity, confidentiality, and availability of the ILIAS installation and the underlying operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-26T18:15:54.000000Z"}, {"uuid": "844111bc-9100-4ca1-9597-95fd3c625c62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45860", "type": "seen", "source": "https://t.me/ctinow/186293", "content": "https://ift.tt/FXZKhfq\nCVE-2023-45860", "creation_timestamp": "2024-02-16T11:31:16.000000Z"}, {"uuid": "bf21a118-ff9b-43e8-a3f1-bc4da0ae60f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/haccking/10829", "content": "\u0410\u0442\u0430\u043a\u0438 \u043d\u0430 Bluetooth. \u0427\u0430\u0441\u0442\u044c 2. \u00ab\u042f\u0431\u043b\u043e\u043a\u043e \u0438 \u0441\u0438\u043d\u044f\u044f \u0443\u0442\u043a\u0430\u00bb\n\n#\u0441\u0442\u0430\u0442\u044c\u044f\n\n\u0412 \u0441\u0442\u0430\u0442\u044c\u0435 \u0432\u044b \u0443\u0437\u043d\u0430\u0435\u0442\u0435 \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Apple, \u0435\u0441\u043b\u0438 \u043e\u043d \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442 \u0442\u0440\u0430\u0444\u0438\u043a Bluetooth. \u0422\u0430\u043a\u0436\u0435 \u0432\u044b \u043f\u043e\u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u0435\u0441\u044c \u0441 \u043c\u0435\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043d\u0430 Bluetooth. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e CVE-2023-45866, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0431\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0447\u0435\u0440\u0435\u0437 Bluetooth.\n\n\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u0441\u0442\u0430\u0442\u044c\u044e.\n\nLH | \u041d\u043e\u0432\u043e\u0441\u0442\u0438 | \u041a\u0443\u0440\u0441\u044b | \u041c\u0435\u043c\u044b\n\n#\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\n#\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438", "creation_timestamp": "2024-05-06T18:17:47.000000Z"}, {"uuid": "99627a27-809b-40fd-ba74-acb78f9b2b25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45860", "type": "seen", "source": "https://t.me/ctinow/186343", "content": "https://ift.tt/56ZnFyl\nCVE-2023-45860", "creation_timestamp": "2024-02-16T13:02:31.000000Z"}, {"uuid": "e0722d66-e052-4c5b-9355-0b10c70e4464", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45864", "type": "seen", "source": "https://t.me/ctinow/162876", "content": "https://ift.tt/wYuAWSM\nCVE-2023-45864 | Samsung Exynos up to 9820 race condition", "creation_timestamp": "2024-01-04T10:11:23.000000Z"}, {"uuid": "8e7fae20-085a-43d6-8393-d60d10fb4c78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/ctinow/161041", "content": "https://ift.tt/b5JGcKM\nCVE-2023-45866 | BlueZ Bluetooth HID Host injection (DLA 3689-1)", "creation_timestamp": "2023-12-31T09:46:36.000000Z"}, {"uuid": "840f580f-dc77-4fa8-a4bf-b885bc4189ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/2090", "content": "Unauthenticated Bluetooth keystroke-injection in Android, Linux, macOS and iOS (CVE-2023-45866)\nImpact: A nearby attacker can connect to a vulnerable device over unauthenticated Bluetooth and inject keystrokes to install apps, run arbitrary commands, forward messages, etc.\nhttps://github.com/skysafe/reblog/tree/main/cve-2023-45866", "creation_timestamp": "2024-02-16T02:46:18.000000Z"}, {"uuid": "c67be4b4-7cee-4007-9872-d2c6aa435d1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/2130", "content": "PoC to takeover Android using another Android by exploiting critical Bluetooth vulnerability to install Metasploit without proper Bluetooth pairing (CVE-2023-45866). It still affects Android 10 and bellow.\nhttps://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/", "creation_timestamp": "2024-06-18T07:51:52.000000Z"}, {"uuid": "f025851a-1266-4c80-8ea9-9025cfab5a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "exploited", "source": "https://t.me/androidMalware/2196", "content": "Demonstration of using BlueDucky to exploit 0-click Bluetooth vulnerability of unpatched Android smartphone (CVE-2023-45866)\nExploit was triggered by Raspberry Pi 4 and then by Android running NetHunter \nhttps://youtu.be/GOGW7U1f2RA", "creation_timestamp": "2025-03-25T08:53:03.000000Z"}, {"uuid": "1ce25abe-8ac0-4d6b-829d-19c641313eb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/Blackhat_Officials/6", "content": "#CVE-2023-45866: Unauthenticated #Bluetooth keystroke-injection in Android, Linux, macOS and iOS\n\nhttps://github.com/skysafe/reblog/tree/main/cve-2023-45866", "creation_timestamp": "2023-12-08T11:51:13.000000Z"}, {"uuid": "fb996287-24be-43b8-9c17-ed3c6390457f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/thehackernews/4249", "content": "\u26a0\ufe0f Urgent Security Warning - \n \nA new critical Bluetooth vulnerability (CVE-2023-45866) could enable attackers to take control of Android, Linux, macOS, and iOS devices. \n \nLearn how it works: https://thehackernews.com/2023/12/new-bluetooth-flaw-let-hackers-take.html", "creation_timestamp": "2023-12-07T12:47:38.000000Z"}, {"uuid": "adc0a9c2-d44e-48fc-8c3f-b7f9f05ef303", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/haccking/11826", "content": "\u0421\u0440\u0430\u0432\u043d\u0438\u0432\u0430\u0435\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Bluetooth\n\n#Bluetooth #\u0441\u0442\u0430\u0442\u044c\u044f #pentest\n\n\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0440\u0443\u0431\u0440\u0438\u043a\u0443 \u043f\u043e\u0441\u0432\u044f\u0449\u0451\u043d\u043d\u0443\u044e \u0440\u0430\u0437\u0431\u043e\u0440\u0443 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u0430\u0442\u0430\u043a \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0430 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438. \u0414\u0430\u043d\u043d\u0443\u044e \u0441\u0442\u0430\u0442\u044c\u044e \u043c\u044b \u043f\u043e\u0441\u0432\u044f\u0449\u0430\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Bluetooth CVE-2023-45866, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u043d\u0430\u043c\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430 \u0432 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0441\u0442\u0430\u0442\u0435\u0439. \u0420\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0438\u043c \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u043f\u0435\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043f\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\ud83d\udd17 \u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u0441\u0442\u0430\u0442\u044c\u044e\n\nLH | News | OSINT | AI", "creation_timestamp": "2025-04-11T14:16:45.000000Z"}, {"uuid": "0a434537-652e-4373-8ef6-82fc72ec5794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25042", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing & Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-10T16:13:21.000000Z"}, {"uuid": "a3e3e692-e8fc-45d0-82cb-55547dd9545e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/cultofwire/1145", "content": "Hi, My Name Is Keyboard\n\n\u0421\u043d\u043e\u0432\u0430 Bluetooth, \u043d\u043e \u0443\u0436\u0435 \u043e\u0442 \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u0434\u0440\u0443\u0433\u043e\u0439 CVE: CVE-2023-45866.\n\n\u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u043c\u0443 \u0445\u043e\u0441\u0442\u0443 \u0431\u0435\u0437 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b: \n- Google Pixel (\u0441 2 \u043f\u043e 7);\n- \u0432 \u0446\u0435\u043b\u043e\u043c Android 11-14 \u0431\u0435\u0437 \u0444\u0438\u043a\u0441\u0430 \u043e\u0442 2023-12-05, (\u0432\u0435\u0440\u0441\u0438\u0438 4.2.2-10 \u0431\u0435\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f);\n- 2022 MacBook Pro \n- 2017 MacBook Air\n\nPoC \u0438 \u0434\u0435\u0442\u0430\u043b\u0435\u0439 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442.", "creation_timestamp": "2023-12-09T08:03:40.000000Z"}, {"uuid": "18332e1f-4e34-4d23-8ccc-e42232b26b0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1879", "content": "https://github.com/marcnewlin/hi_my_name_is_keyboard\n\nProof of concept scripts for CVE-2023-45866, CVE-2024-21306 and CVE-2024-0230.\n#github", "creation_timestamp": "2024-01-20T15:05:14.000000Z"}, {"uuid": "54945014-9075-4630-94cc-935602a71373", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9543", "content": "#exploit\n1. CVE-2023-1326:\nPrivilege escalation in apport-cli 2.26.0\nhttps://github.com/diego-tella/CVE-2023-1326-PoC\n\n2. CVE-2023-45866:\nUnauthenticated Bluetooth keystroke-injection in Android, Linux, macOS and iOS\nhttps://ift.tt/BHxK2mO\n]-> https://github.com/pentestfunctions/BlueDucky\n\n3. CVE-2023-24893:\nVSCode RCE\nhttps://blog.solidsnail.com/posts/vscode-shell-integ-rce", "creation_timestamp": "2025-01-05T12:40:52.000000Z"}, {"uuid": "369ddb03-d922-42a1-a7c8-931c6720bce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/4437", "content": "Hi, My Name is Keyboard\n\n\u0427\u0442\u043e\u0431\u044b \u043e\u0431\u0449\u0430\u0442\u044c\u0441\u044f \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438, \u043a\u0430\u043a\u0438\u0435-\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0445 \u043c\u044b\u0448\u0435\u043a \u0438 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 USB-\u0434\u043e\u043d\u0433\u043b \u0438 Bluetooth, \u0430 \u043a\u0430\u043a\u0438\u0435-\u0442\u043e \u043f\u0438\u0448\u0443\u0442 \u0441\u0432\u043e\u0438 \u043f\u0440\u043e\u043f\u0440\u0438\u0435\u0442\u0430\u0440\u043d\u044b\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b (\u043a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u043e\u0431\u0449\u0430\u044e\u0442\u0441\u044f \u043d\u0430 2.4\u0413\u0413\u0446).\n\n\u041d\u0430\u0434 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e \u0442\u0430\u043c \u043d\u0435 \u0437\u0430\u0434\u0443\u043c\u044b\u0432\u0430\u044e\u0442\u0441\u044f, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0442\u0438\u043f\u0430 MouseJack, \u043a\u043e\u0433\u0434\u0430 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0443 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043e\u0442 \u043c\u044b\u0448\u043a\u0438 \u0438 \"\u043d\u0430\u043a\u043b\u0438\u043a\u0438\u0432\u0430\u0442\u044c\" \u043b\u044e\u0431\u044b\u0435 \u043d\u0430\u0436\u0430\u0442\u0438\u044f \u043a\u043b\u0430\u0432\u0438\u0448.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0432\u0435\u043b \u0438\u043d\u0436\u0435\u043d\u0435\u0440 \u0438\u0437 SkySafe \u0432 2016, \u043d\u043e \u043d\u0435 \u0441\u0442\u0430\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c Bluetooth, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u043e\u0434\u0443\u043c\u0430\u043b, \u0447\u0442\u043e \u0442\u0430\u043c \u0432\u0441\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e. \n\n\u0412\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0435, \u0447\u0442\u043e \u0441\u0442\u0430\u043b\u043e \u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0435\u043c CVE-2023-45866 \u0432 Bluetooth, \u0441 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u043c\u0443 \u043d\u0430 MacOS, Linux, Windows, \u0438 \u0437\u0430\u0441\u044b\u043b\u0430\u0442\u044c \u043b\u044e\u0431\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u041d\u0430 \u0432\u0438\u0434\u0435\u043e \u043f\u0440\u0438\u043c\u0435\u0440 0-\u0441lick \u0440\u0438\u043a\u0440\u043e\u043b\u043b\u0430 \u0432 Android. \u0415\u0433\u043e \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u043c\u043e\u0436\u043d\u043e \u0432\u0437\u044f\u0442\u044c \u043e\u0442\u0441\u044e\u0434\u0430 https://github.com/marcnewlin/hi_my_name_is_keyboard.", "creation_timestamp": "2024-01-24T08:43:52.000000Z"}, {"uuid": "eff2c90d-bd5e-4a3e-ba9b-5419e560b3f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "seen", "source": "https://t.me/S_E_Reborn/4306", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Skysafe \u041c\u0430\u0440\u043a \u041d\u044c\u044e\u043b\u0438\u043d \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Bluetooth, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 Android, Linux, macOS \u0438 iOS.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-45866 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0442\u0435\u043a\u043e\u0432 Bluetooth \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u043c\u0443 \u0445\u043e\u0441\u0442\u0443 \u0431\u0435\u0437 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u043d\u0430\u0436\u0430\u0442\u0438\u0439 \u043a\u043b\u0430\u0432\u0438\u0448.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0430\u0442\u0430\u043a\u0430 \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0434\u0443\u043c\u0430\u0442\u044c, \u0447\u0442\u043e \u043e\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043e \u043a \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u0435 Bluetooth, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u043e\u043f\u0440\u044f\u0436\u0435\u043d\u0438\u044f, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u0432 \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Bluetooth.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0435\u043c\u0443\u0441\u044f \u0432 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0431\u043b\u0438\u0437\u043e\u0441\u0442\u0438, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443 \u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0430 \u0441 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430 Linux \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0431\u044b\u0447\u043d\u043e\u0433\u043e Bluetooth-\u0430\u0434\u0430\u043f\u0442\u0435\u0440\u0430.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Android (\u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 4.2.2, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2012 \u0433\u043e\u0434\u0430), Linux, iOS \u0438 macOS (\u043a\u043e\u0433\u0434\u0430 Bluetooth \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0438 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u0430 Magic Keyboard \u0441\u043e\u043f\u0440\u044f\u0436\u0435\u043d\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c), \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Apple \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0440\u0435\u0436\u0438\u043c \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438.\n\nGoogle \u0442\u0430\u043a\u0436\u0435 \u0432 \u0441\u0432\u043e\u0435\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e CVE-2023-45866 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 (\u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u043c\u0443/\u0441\u043c\u0435\u0436\u043d\u043e\u043c\u0443) \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435.\n\n\u041f\u043e\u043a\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u043e\u043c\u0430\u043d\u0434\u0430 Android \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. \u041e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0443\u0434\u0443\u0442 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.", "creation_timestamp": "2023-12-08T15:40:00.000000Z"}, {"uuid": "359fa811-8216-4b0e-9ccb-2555ccefd029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/1007", "content": "#BlueDucky is still a relevant tool to scan and identify vulnerable #Bluetooth devices (CVE-2023-45866).\n\nDon't postpone updates of your devices in 2025.\n\nhttps://github.com/pentestfunctions/BlueDucky\n\n#NetHunter", "creation_timestamp": "2025-01-04T05:29:43.000000Z"}, {"uuid": "39070a0d-8fff-4163-945c-05408da9d1c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45866", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/116", "content": "https://github.com/Danyw24/blueXploit\n\nExploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)\n#github #exploit", "creation_timestamp": "2024-12-16T15:17:24.000000Z"}]}