Vulnerability CVE-2019-18200

Vulnerability CVE-2019-18200

Published: 2019-10-24 Modified: 2019-11-05

Description:

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, they are prone to keystroke injection attacks.

See advisories in our WLB2 database:

	Topic	Author	Date
Low	Fujitsu Wireless Keyboard Set LX390 Keystroke Injection	Matthias Deeg	24.10.2019

Type:

CWE-74

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
10/10	10/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

References:

http://packetstormsecurity.com/files/154956/Fujitsu-Wireless-Keyboard-Set-LX390-Keystroke-Injection.html

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-011.txt

https://www.syss.de/pentest-blog/2019/syss-2019-009-syss-2019-010-und-syss-2019-011-schwachstellen-in-weiterer-funktastatur-mit-sicherer-24-ghz-technologie/

Vulnerability CVE-2019-18200

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, they are prone to keystroke injection attacks.

See advisories in our WLB2 database:

Low

Fujitsu Wireless Keyboard Set LX390 Keystroke Injection

CWE-74

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

10/10

10/10

10/10

Remote

Low

No required

Complete

Complete

Complete

References: