CVE-2024-0230

low

Description

A session management issue was addressed with improved checks. This issue is fixed in Magic Keyboard Firmware Update 2.0.6. An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic.

References

https://support.apple.com/kb/HT214050

https://support.apple.com/en-us/HT214050

https://support.apple.com/en-us/120303

Details

Source: Mitre, NVD

Published: 2024-01-12

Updated: 2026-04-02

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 2.4

Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: Low

EPSS

EPSS: 0.06655