CVE-2024-0230

CVE Database · CVE-2024-0230

CVE-2024-0230

· LOWModified

CVSS v3.1

2.4

EPSS

1.22%

Published

Jan 12, 2024

Modified

Apr 2, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A session management issue was addressed with improved checks. This issue is fixed in Magic Keyboard Firmware Update 2.0.6. An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic.

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products (2)

apple · magic_keyboard_firmware (up to 2.0.6)vulnerable

apple · magic_keyboard

References (3)

https://support.apple.com/en-us/120303

https://support.apple.com/en-us/HT214050

Release NotesThird Party Advisory

https://support.apple.com/kb/HT214050

KEV Catalog EPSS Scores Vendors All CVEs