CVE-2024-34730
📋 TL;DR
This vulnerability allows attackers to bypass user consent requirements when pairing new Bluetooth HID devices, enabling local privilege escalation without requiring user interaction. It affects Android devices with vulnerable Bluetooth implementations. Attackers could connect malicious input devices without the user's knowledge.
💻 Affected Systems
- Android devices with vulnerable Bluetooth implementations
📦 What is this software?
Android by Google
Android by Google
Android by Google
Android by Google
⚠️ Risk & Real-World Impact
Worst Case
An attacker with physical proximity could pair a malicious Bluetooth keyboard/mouse and execute arbitrary commands with elevated privileges, potentially taking full control of the device.
Likely Case
Attackers in close proximity could pair Bluetooth input devices to capture keystrokes, inject commands, or perform unauthorized actions on vulnerable Android devices.
If Mitigated
With Bluetooth disabled or strict Bluetooth security policies enforced, the attack surface is significantly reduced, though physical proximity risks remain.
🎯 Exploit Status
Exploitation requires physical proximity and knowledge of Bluetooth attack techniques, but no user interaction or authentication is needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Android security patch level January 2025 or later
Vendor Advisory: https://source.android.com/security/bulletin/2025-01-01
Restart Required: Yes
Instructions:
1. Check for system updates in Settings > System > System update. 2. Install the January 2025 Android security patch. 3. Reboot the device after installation.
🔧 Temporary Workarounds
Disable Bluetooth when not in use
AndroidTurn off Bluetooth to prevent unauthorized device pairing attempts
adb shell settings put global bluetooth_on 0
Or manually disable via Settings > Connected devices > Connection preferences > Bluetooth
Enable Bluetooth visibility timeout
AndroidSet Bluetooth to be discoverable only for short periods when pairing legitimate devices
Configure via Settings > Connected devices > Connection preferences > Bluetooth > Device visibility
🧯 If You Can't Patch
- Disable Bluetooth completely on vulnerable devices
- Implement physical security controls to prevent unauthorized access to device proximity
🔍 How to Verify
Check if Vulnerable:
Check Android security patch level in Settings > About phone > Android version > Security patch level. If before January 2025, device is vulnerable.Check Version:
adb shell getprop ro.build.version.security_patchVerify Fix Applied:
Verify security patch level shows January 2025 or later after applying updates.📡 Detection & Monitoring
Log Indicators:
- Unexpected Bluetooth pairing events in system logs
- Bluetooth HID connections from unknown devices
Network Indicators:
- Bluetooth MAC addresses attempting repeated pairing
- Unusual Bluetooth traffic patterns
SIEM Query:
source="android_system" "Bluetooth" "pairing" "HID" NOT device_name="known_device"