PT-2025-29084 · Opensynergy · Bluesdk

Published: 2025-07-07 · Updated: 2025-09-17 · CVE-2024-45434

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: OpenSynergy BlueSDK (aka Blue SDK) versions through 6.x
Description: The vulnerability resides within the BlueSDK Bluetooth stack and is due to a use-after-free condition. This flaw occurs because of a lack of validation to confirm the existence of an object before operations are performed on it. An attacker can leverage this to achieve remote code execution within the context of the user account under which the Bluetooth process is running.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2025-09385
CVE-2024-45434

Affected Products

Bluesdk