CVE-2023-46870
HIGHNordic Semiconductor nRF Sniffer for Bluetooth LE <4.1.1 - RCE
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2023-46870. PoCs published by Chapoly1305.
AI-analyzed exploit summary The repository provides a detailed technical analysis of CVE-2023-46870, a privilege escalation vulnerability in Nordic Semiconductor nRF Sniffer for Bluetooth LE due to incorrect file permissions (777/666) on critical scripts. It includes replication steps, mitigation advice, and references to external resources like YouTube videos for further context.
Description
extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python scripts.
Exploits (1)
The repository provides a detailed technical analysis of CVE-2023-46870, a privilege escalation vulnerability in Nordic Semiconductor nRF Sniffer for Bluetooth LE due to incorrect file permissions (777/666) on critical scripts. It includes replication steps, mitigation advice, and references to external resources like YouTube videos for further context.
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H