Bluetooth Vulnerability Allows Arbitrary Code Execution with User Interaction
CVE-2023-44431

7.1HIGH

Key Information:

Vendor: Bluez
Status: Bluez
Vendor: CVE Published:; 3 May 2024

Summary

The vulnerability identified within the BlueZ Bluetooth protocol stack relates to a stack-based buffer overflow occurring during the processing of the Audio/Video Remote Control Profile (AVRCP). This specific flaw arises from insufficient validation of user-supplied data length before it is copied to a fixed-size stack-based buffer. An attacker in close proximity can exploit this vulnerability by enticing a user to connect their device to a malicious Bluetooth-enabled device. Upon a successful connection, the attacker may execute arbitrary code in the context of the user, potentially leading to unauthorized access and control over system resources. This could pose significant risks to the security and integrity of the affected installations.

Affected Version(s)

BlueZ 5.66

References

https://www.zerodayinitiative.com/advisories/ZDI-23-1900/

x_research-advisory

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2024
Vulnerability Reserved
Sep 28, 2023