CVE-2024-0230

A session management issue exists in Apple Magic Keyboard firmware versions prior to 2.0.6. The vulnerability stems from insufficient checks during the Bluetooth pairing process, potentially allowing an attacker with physical access to the accessory to extract its Bluetooth pairing key [1].

The attack requires physical access to the keyboard, meaning an attacker must be in possession of the device or have close proximity to interact with its hardware. No additional authentication or user interaction is needed beyond the attacker's physical proximity [1][2].

If exploited, an attacker could use the extracted pairing key to monitor Bluetooth traffic between the keyboard and the paired host device. This could lead to information disclosure of keystrokes or other data transmitted over the Bluetooth connection, compromising the confidentiality of user input [1][2].

Mitigation

Apple has released Magic Keyboard Firmware Update 2.0.6, which addresses the session management issue with improved checks. Users are advised to update their Magic Keyboard firmware via the System Settings on Mac or through the Bluetooth settings on iOS/iPadOS to apply the patch [1][2].