Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
History

Wed, 18 Dec 2024 02:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:8

Thu, 12 Dec 2024 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple ipados
CPEs cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Vendors & Products Apple ipad Os
Apple ipados

Wed, 13 Nov 2024 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-12-08T00:00:00

Updated: 2024-08-02T20:29:32.567Z

Reserved: 2023-10-14T00:00:00

Link: CVE-2023-45866

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-08T06:15:45.690

Modified: 2024-12-12T14:33:00.640

Link: CVE-2023-45866

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-12-07T00:00:00Z

Links: CVE-2023-45866 - Bugzilla