CVE-2024-21306

CVSS v2.0

6.1

Medium

Vector

AV:A/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions Microsoft Bluetooth Driver (affected versions not specified)

Description The issue is related to errors in the representation of information by the user interface in the Microsoft Bluetooth Driver. It allows a remote attacker to conduct spoofing attacks. The vulnerability can be exploited to pair a virtual Bluetooth keyboard without authentication or user confirmation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Missing Authentication

UI Misrepresentation of Critical Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306CWE-451

Related Identifiers

BDU:2024-00406

CVE-2024-21306

Affected Products

Bluetooth Driver

Windows

CVE-2024-21306

Weakness Enumeration

Related Identifiers

Affected Products

References · 21