{"vulnerability": "CVE-2024-21306", "sightings": [{"uuid": "6baa9ef3-d2b5-4dc1-bd3c-587afd3982f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13974", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-21306\n\ud83d\udd25 CVSS Score: 5.7 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Bluetooth Driver Spoofing Vulnerability\n\ud83d\udccf Published: 2024-01-09T17:57:08.266Z\n\ud83d\udccf Modified: 2025-04-30T00:31:27.976Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21306", "creation_timestamp": "2025-04-30T01:12:50.000000Z"}, {"uuid": "e524d8e3-41c1-4133-a892-ef22163d9953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12244", "content": "Zero-Day: CVE-2023-45866 and CVE-2024-21306 exploitation.\n\nExploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing.\n\nhttps://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/\n\nhttps://youtu.be/dj1lGqL8lXo", "creation_timestamp": "2024-01-29T04:38:30.000000Z"}, {"uuid": "5c8707e4-ba43-4ce5-8250-24aa10efb7ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9427", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)\nURL\uff1ahttps://github.com/Danyw24/blueXploit\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-15T03:02:46.000000Z"}, {"uuid": "69689b28-ad6b-4f00-ada0-ff76b0871b39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "seen", "source": "https://t.me/arpsyndicate/2995", "content": "#ExploitObserverAlert\n\nCVE-2024-21306\n\nDESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to CVE-2024-21306. Microsoft Bluetooth Driver Spoofing Vulnerability\n\nFIRST-EPSS: 0.000570000\nNVD-IS: 3.6\nNVD-ES: 2.1", "creation_timestamp": "2024-01-26T15:57:48.000000Z"}, {"uuid": "38a9ccaf-d3f3-4b86-a4a8-5aa89e3e2340", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/752", "content": "https://github.com/Danyw24/blueXploit\n\nExploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)\n#github #exploit", "creation_timestamp": "2024-12-18T10:36:45.000000Z"}, {"uuid": "b18d6b92-119a-4b80-bcf0-0472f3e13367", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "seen", "source": "Telegram/E1AkTdz8qczGaD0uy3CJuDJMkDxL73vQpCI1bwvPC7UdCQ", "content": "", "creation_timestamp": "2024-01-23T19:55:09.000000Z"}, {"uuid": "5c82ee5a-f62d-4063-bdf9-0604c4601f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7423", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-21306 BadBlue implementation (Using DuckyScript)\nURL\uff1ahttps://github.com/PhucHauDeveloper/BadBlue\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-26T14:39:43.000000Z"}, {"uuid": "c69059f9-665b-4061-bc9b-81098abf393e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/171", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing &amp; Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:10:51.000000Z"}, {"uuid": "d57048ad-2b65-4369-a2b6-574b0dd5977f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6715", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing &amp; Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-10T15:23:38.000000Z"}, {"uuid": "ae180bb3-8a4b-401c-a8d2-6ba6f6398b86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7936", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing &amp; Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-10T15:23:38.000000Z"}, {"uuid": "fba9c5c3-4c73-4251-a2ef-e5365039f5f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/21924", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing &amp; Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-10T15:23:51.000000Z"}, {"uuid": "87c6eb68-f5a5-4fb6-a218-728f681b4823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3276", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing &amp; Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-10T15:23:08.000000Z"}, {"uuid": "eaf1cc64-00f7-4e1c-b008-434c191404c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25042", "content": "Tools - Hackers Factory\n\nRace conditions primitives on speculatively executed code paths (GhostRace)\n\nPaper: https://www.vusec.net/projects/ghostrace/\nWebsite: https://www.vusec.net/projects/ghostrace\nPoC: https://github.com/vusec/ghostrace\n\nBluetooth keystroke injection affecting various OS (CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230) by Marc Newlin\u00a0 \n\nBlog post: https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md\nPoC: https://github.com/marcnewlin/hi_my_name_is_keyboard\n\n#bluetooth\n\nComprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges\n\nhttps://github.com/0xsp-SRD/MDE_Enum\n\nWiFi Penetration Testing &amp; Auditing Tool \n\nhttps://github.com/FLOCK4H/Freeway\n\nbin2ml\u00a0is a command line tool to extract machine learning ready data from software binaries.\n\ngithub.com/br0kej/bin2ml\n\nPython tool for continuous password spraying taking into account the password policy.\n\nhttps://github.com/login-securite/conpass\n\nWeb vulnerability scanner written in Python3 \n\nhttps://github.com/wapiti-scanner/wapiti\n\nZip Slip Vulnerability (Arbitrary file write through archive extraction) \n\nhttps://github.com/snyk/zip-slip-vulnerability/\n\nTunnel TCP connections through a file \n\nhttps://github.com/fiddyschmitt/File-Tunnel?tab=readme-ov-file\n\nA collection of USB hacking\u2013related links.\n\nhttps://github.com/xairy/usb-hacking/blob/master/LINKS.md\n\n#HackersFactory", "creation_timestamp": "2024-06-10T16:13:21.000000Z"}, {"uuid": "e97bed04-83dd-4f3a-aced-22d1ff4b65c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "seen", "source": "https://t.me/ctinow/165333", "content": "https://ift.tt/z1pSQkn\nCVE-2024-21306 | Microsoft Windows up to Server 2022 23H2 Bluetooth Driver unknown vulnerability", "creation_timestamp": "2024-01-09T20:16:41.000000Z"}, {"uuid": "8abb27dc-c4a3-47ff-8c82-4ada4270b76a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1879", "content": "https://github.com/marcnewlin/hi_my_name_is_keyboard\n\nProof of concept scripts for CVE-2023-45866, CVE-2024-21306 and CVE-2024-0230.\n#github", "creation_timestamp": "2024-01-20T15:05:14.000000Z"}, {"uuid": "058d0f2e-0be1-4536-b6f1-e7ff5f4c02bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21306", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/116", "content": "https://github.com/Danyw24/blueXploit\n\nExploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)\n#github #exploit", "creation_timestamp": "2024-12-16T15:17:24.000000Z"}]}