CVE-2024-21306

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Jan 9, 2024

Updated: Jun 11, 2024

CWE ID 306

Summary

CVE-2024-21306 is a newly disclosed vulnerability affecting Microsoft Bluetooth drivers. Maliciously crafted Bluetooth signals can be used to spoof authentication messages, potentially leading to unauthorized access to devices. This issue can put users at risk of privacy breaches and even allow attackers to execute arbitrary code. It is recommended that affected organizations install the latest Microsoft security updates as soon as possible to mitigate this risk. Users should also be cautious when connecting unfamiliar Bluetooth devices to their systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uFgVix
https://www.cve.org/CVERecord?id=CVE-2024-21306
https://nvd.nist.gov/vuln/detail/CVE-2024-21306

Back to Vulnerability Database

CVE-2024-21306

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations