Lucene search

[email protected]CVE-2010-1184

HistoryMar 29, 2010 - 10:30 p.m.

CVE-2010-1184

2010-03-2922:30:00

CWE-310

[email protected]

web.nvd.nist.gov

cve-2010-1184

microsoft

wireless keyboard

xor encryption

mac address

remote attackers

keystroke information

injection

keykeriki 2

7.4 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

67.5%

JSON

The Microsoft wireless keyboard uses XOR encryption with a key derived from the MAC address, which makes it easier for remote attackers to obtain keystroke information and inject arbitrary commands via a nearby wireless device, as demonstrated by Keykeriki 2.

CPENameOperatorVersion
microsoft:27mhz_wireless_keyboardmicrosoft 27mhz wireless keyboardeq*

CPE	Name	Operator	Version
microsoft:27mhz_wireless_keyboard	microsoft 27mhz wireless keyboard	eq	*

References

www.remote-exploit.org/?p=437

www.theregister.co.uk/2010/03/26/open_source_wireless_sniffer/

exchange.xforce.ibmcloud.com/vulnerabilities/57978

7.4 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

67.5%

JSON

Related for CVE-2010-1184

cvelist1 prion1