Search...

CVE-2015-3320

2015-04-16T23:59:00

ID CVE-2015-3320
Type cve
Reporter cve@mitre.org
Modified 2017-01-18T02:59:00

Description

Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 includes active debugging code in SKHOOKS.DLL, which allows local users to obtain keypress information by accessing debug output.

JSON Vulners Source

Initial Source

{"id": "CVE-2015-3320", "bulletinFamily": "NVD", "title": "CVE-2015-3320", "description": "Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 includes active debugging code in SKHOOKS.DLL, which allows local users to obtain keypress information by accessing debug output.", "published": "2015-04-16T23:59:00", "modified": "2017-01-18T02:59:00", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3320", "reporter": "cve@mitre.org", "references": ["https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard", "http://www.securityfocus.com/bid/74196"], "cvelist": ["CVE-2015-3320"], "type": "cve", "lastseen": "2021-02-02T06:21:24", "edition": 6, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "lenovo", "idList": ["LENOVO:PS500013-NOSID"]}], "modified": "2021-02-02T06:21:24", "rev": 2}, "score": {"value": 3.7, "vector": "NONE", "modified": "2021-02-02T06:21:24", "rev": 2}, "vulnersScore": 3.7}, "cpe": ["cpe:/a:lenovo:usb_enhanced_performance_keyboard:2.0.2.1"], "affectedSoftware": [{"cpeName": "lenovo:usb_enhanced_performance_keyboard", "name": "lenovo usb enhanced performance keyboard", "operator": "le", "version": "2.0.2.1"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:lenovo:usb_enhanced_performance_keyboard:2.0.2.1:*:*:*:*:*:*:*"], "cwe": ["CWE-200"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:lenovo:usb_enhanced_performance_keyboard:2.0.2.1:*:*:*:*:*:*:*", "versionEndIncluding": "2.0.2.1", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "74196", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/74196"}, {"name": "https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard"}], "immutableFields": []}

{"lenovo": [{"lastseen": "2018-02-21T17:02:03", "bulletinFamily": "info", "cvelist": ["CVE-2015-3320"], "description": "**Lenovo Security Advisory:** LEN-2015-015 \n**Potential Impact:** Escalation of Privilege \n**Severity**: Low\n\n**Summary:** \nLenovo\u2019s \u201cUSB Enhanced Performance Keyboard\u201d software has a known issue where debug code was accidently left in the application. The debug code includes information about which keys on the keyboard are pressed. Lenovo has released a new version of the software that removes the debug code. \n \n**Description:** \nThe debug code exists in all previous versions of the software, and has been preloaded on ThinkPad and ThinkCentre systems since early 2014. The debug code, in SKHOOKS.DLL, calls the Windows API OutputDebugString to indicate which key has been pressed. The debug code does not store this information or send it anywhere. There is no possibility to exploit this vulnerability remotely. Only users with access to the system, and the ability to run a special tool to capture debug output, are able to intercept these calls to OutputDebugString. To eliminate this vulnerability, Lenovo has removed the debug code from SKHOOKS.DLL. \n \n**Mitigation Strategy for Customers (what you should do to protect yourself):** \nThere are several ways you can protect yourself. Lenovo recommends that you take one of the following steps:\n\n * Starting from March 4, 2015, run Lenovo System Update and install the recommended USB Enhanced Performance Keyboard software update\n * Make sure you have the latest version of the software installed on your computer. The minimum version that corrects the problem is version 2.0.2.2. You can find the latest version of the software Here.\n * Alternatively, if you are not using the optional Lenovo USB Enhanced Performance Keyboard **(73p2620)**, you may uninstall this software using the following steps: \n 1. Open Control Panel\n 2. Click on \u201cPrograms\u201d\n 3. Click on \u201cUninstall a Program\u201d\n 4. In the list of installed programs, find \u201cUSB Enhanced Performance keyboard\u201d and then click on the \u201cUninstall\u201d button\n\n**Acknowledgements:** \nNone \n \n**Other information and references:** \nCVE ID: [CVE-2015-3320](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3320>) \n \n**Revision History:**\n\n**Revision**\n\n| \n\n**Date**\n\n| \n\n**Description** \n \n---|---|--- \n1.1 | 05/05/2015 | Added CVE ID \n \n1.0\n\n| \n\n03/04/2015\n\n| \n\nInitial Release\n", "edition": 1, "modified": "2017-01-23T00:00:00", "published": "2017-01-23T00:00:00", "id": "LENOVO:PS500013-NOSID", "href": "https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard", "type": "lenovo", "title": "USB Enhanced Performance Keyboard", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}]}