#VU85311 Cleartext storage of sensitive information in Magic Keyboard Firmware - CVE-2024-0230

Cybersecurity Help s.r.o.

Published: 2024-01-11 | Updated: 2024-05-23

Vulnerability identifier: #VU85311

Vulnerability risk: Low

CVSSv4.0: 0.9 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2024-0230

CWE-ID: CWE-312

Exploitation vector: Local

Exploit availability: Yes

Vulnerable software:
Magic Keyboard Firmware
Hardware solutions / Firmware

Vendor: Apple Inc.

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to the way Bluetooth pairing key is stored on the device. An attacker with physical access to the accessory can extract its Bluetooth pairing key and monitor Bluetooth traffic.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Magic Keyboard Firmware: before 2.0.6

External links
https://support.apple.com/en-us/HT214050

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Information disclosure in Apple Magic Keyboard Firmware