Dbus-1.0 Exploit -

org.bluez – the BlueZ Bluetooth stack. Vulnerability: Many IoT vendors expose the AgentManager1 interface without the NoOutput capability check, allowing a local non-root user to pair with a device and then send arbitrary HCI commands.

Result: root privilege escalation.

busctl list

Improperly configured security policies in system.conf or session.conf . Major D-Bus Vulnerability Highlights dbus-1.0 exploit