How a USB-connected speaker can infect a PC without ever being touched
ID: df0b6f8b-3c88-5f4d-a07e-1757d58c4414
STIX ID: report--df0b6f8b-3c88-5f4d-a07e-1757d58c4414
Feed Name: Ars Technica Security (category)
A researcher demonstrated a remote, over-the-air firmware replacement attack against a Katana V2X Bluetooth speaker running FreeRTOS. By adding a secondary USB HID descriptor that reports the device as a keyboard and reusing firmware code to send keypresses, the attacker can inject keystrokes into connected PCs (e.g., open PowerShell and execute commands). The proof-of-concept shows potential for persistent, hard-to-remove malicious firmware and highlights that Bluetooth remains enabled even in sleep, increasing attackability.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
