* Security researchers have discovered new Bluetooth security flaws that allow
hackers to impersonate devices and perform man-in-the-middle attacks. * The
vulnerabilities impact all devices with Bluetooth 4.2 through Bluetooth 5.4,
including laptops, PCs, smartphones, tablets, and others. * Users can do nothing
at the moment to fix the vulnerabilities, and the solution requires device
manufacturers to make changes to the security mechanisms used by the technology.
Research paper: https://dl.acm.org/doi/pdf/10.1145/3576915.3623066
[https://dl.acm.org/doi/pdf/10.1145/3576915.3623066] Github:
https://github.com/francozappa/bluffs [https://github.com/francozappa/bluffs]
CVE: https://nvd.nist.gov/vuln/detail/CVE-2023-24023
[https://nvd.nist.gov/vuln/detail/CVE-2023-24023]
To be fair, the PXE boot would not affext a powered off device, it would only be an issue if the device was powered on.
But this is just splitting hairs, you have a good point in that few people would expect a PXE boot attack, not to mention that it could interact with wake on lan, which would turn on a powered down computer.
To be fair, the PXE boot would not affext a powered off device, it would only be an issue if the device was powered on.
But this is just splitting hairs, you have a good point in that few people would expect a PXE boot attack, not to mention that it could interact with wake on lan, which would turn on a powered down computer.
If a magic packet is accepted, off isn’t off. 😉
That’s fair.
It totally is splitting hairs and I was just being super technical lol