cve/2018/CVE-2018-16270.md

### [CVE-2018-16270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16270)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path.

### POC

#### Reference
- https://www.youtube.com/watch?v=3IdgBwbOT-g&feature=youtu.be

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2018-16270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16270)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path.`

			`### POC`

			`#### Reference`
			`- https://www.youtube.com/watch?v=3IdgBwbOT-g&feature=youtu.be`

			`#### Github`
			`No PoCs found on GitHub currently.`