Lucene search

K
cvelistAppleCVELIST:CVE-2024-0230
HistoryJan 12, 2024 - 11:10 p.m.

CVE-2024-0230

2024-01-1223:10:45
apple
www.cve.org
cve-2024-0230
bluetooth pairing key extraction
accessory security

2.9 Low

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.7%

A session management issue was addressed with improved checks. This issue is fixed in Magic Keyboard Firmware Update 2.0.6. An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "Magic Keyboard Firmware Update",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "2.0.6",
        "versionType": "custom"
      }
    ]
  }
]

2.9 Low

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.7%

Related for CVELIST:CVE-2024-0230