Security
Headlines
HeadlinesLatestCVEs

Tag

#Microsoft Bluetooth Driver

CVE-2024-38123: Windows Bluetooth Driver Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of certain kernel memory content.

Microsoft Security Response Center
#vulnerability#windows#Microsoft Bluetooth Driver#Security Vulnerability
CVE-2024-21306: Microsoft Bluetooth Driver Spoofing Vulnerability

**According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?** Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions.

CVE-2023-35634: Windows Bluetooth Driver Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An unauthorized attacker could exploit the Windows Bluetooth driver vulnerability by programmatically running certain functions that could lead to remote code execution on the Bluetooth component.

CVE-2023-24023: Mitre: CVE-2023-24023 Bluetooth Vulnerability

**Why is the MITRE Corporation the assigning CNA (CVE Numbering Authority)?** CVE-2023-24023 is regarding a vulnerability reported to the Bluetooth Special Interest Group (Bluetooth SIG). MITRE assigned this CVE number on behalf of the Bluetooth organization https://www.bluetooth.com/about-us/vision/.

CVE-2023-24948: Windows Bluetooth Driver Elevation of Privilege Vulnerability

**How could an attacker exploit this vulnerability?** An authorized attacker could exploit the Windows Bluetooth driver vulnerability by programmatically running certain functions that could lead to elevation of privilege on the Bluetooth component.

CVE-2023-24947: Windows Bluetooth Driver Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An unauthorized attacker could exploit the Windows Bluetooth driver vulnerability by programmatically running certain functions that could lead to remote code execution on the Bluetooth component.

CVE-2023-24944: Windows Bluetooth Driver Information Disclosure Vulnerability

**According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?** Exploiting this vulnerability requires an attacker to be within proximity of the target system in order to send and receive radio transmissions.

CVE-2023-28227: Windows Bluetooth Driver Remote Code Execution Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component.

CVE-2023-23388: Windows Bluetooth Driver Elevation of Privilege Vulnerability

**How could an attacker exploit this vulnerability?** An authorized attacker could exploit the Windows Bluetooth driver vulnerability by programmatically running certain functions that could lead to elevation of privilege on the Bluetooth component.

CVE-2023-21739: Windows Bluetooth Driver Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.