Security Flaw in Sound Blaster Katana V2X Allows Remote PC Infection
A security vulnerability has been discovered in the Sound Blaster Katana V2X speaker, allowing remote code execution without physical access. Researcher Rasmus Moorats found that the speaker, sold by Creative Technologies, can be exploited via Bluetooth to upload custom firmware, potentially infecting connected PCs. The flaw lies in the Creative Transport Protocol (CTP), which lacks authentication and allows firmware updates without code signing. This vulnerability poses a significant risk as it could enable attackers to execute malicious commands on connected devices. 
