CVE-2024-24984
📋 TL;DR
This vulnerability in Intel Wireless Bluetooth drivers for Windows allows an unauthenticated attacker within Bluetooth range to potentially cause denial of service by sending specially crafted packets. It affects users of Intel Bluetooth products on Windows systems with vulnerable driver versions. The attack requires physical proximity to the target device.
💻 Affected Systems
- Intel Wireless Bluetooth products for Windows
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete Bluetooth service disruption requiring system reboot, potentially affecting all Bluetooth-connected devices and services.
Likely Case
Temporary Bluetooth connectivity loss affecting peripherals like mice, keyboards, and audio devices until service restarts.
If Mitigated
Minimal impact with proper network segmentation and Bluetooth usage policies in place.
🎯 Exploit Status
Attack requires proximity and knowledge of target Bluetooth address. No authentication needed once in range.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 23.40 or later
Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01108.html
Restart Required: Yes
Instructions:
1. Download Intel Driver & Support Assistant from Intel website. 2. Run the tool to detect vulnerable drivers. 3. Follow prompts to update to version 23.40 or later. 4. Restart system when prompted.
🔧 Temporary Workarounds
Disable Bluetooth when not in use
windowsTurn off Bluetooth radio to prevent exploitation
Settings > Devices > Bluetooth & other devices > Turn Bluetooth Off
Set Bluetooth to non-discoverable
windowsPrevent device from being visible to nearby attackers
Settings > Devices > Bluetooth & other devices > More Bluetooth options > Uncheck 'Allow Bluetooth devices to find this PC'
🧯 If You Can't Patch
- Implement physical security controls to limit unauthorized Bluetooth device proximity
- Use network segmentation to isolate Bluetooth traffic and monitor for anomalous patterns
🔍 How to Verify
Check if Vulnerable:
Check Bluetooth driver version in Device Manager: Right-click Bluetooth device > Properties > Driver tab > Driver VersionCheck Version:
Get-WmiObject Win32_PnPSignedDriver | Where-Object {$_.DeviceName -like '*Bluetooth*'} | Select-Object DeviceName, DriverVersionVerify Fix Applied:
Verify driver version is 23.40 or higher in Device Manager📡 Detection & Monitoring
Log Indicators:
- Bluetooth service crashes in Windows Event Logs
- Multiple failed Bluetooth connection attempts from unknown devices
Network Indicators:
- Unusual Bluetooth traffic patterns
- Multiple connection attempts from single MAC address
SIEM Query:
EventID=1000 OR EventID=1001 AND SourceName='BTHUSB' OR SourceName='BTHPORT'