Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2019-12505
HistoryJun 07, 2019 - 9:29 p.m.

CVE-2019-12505

2019-06-0721:29:02
CWE-306
CWE-319
mitre
web.nvd.nist.gov
205
cve-2019-12505
wireless presenter
inateck wp1001
keystroke injection
data communication
unencrypted
unauthenticated
keylogging

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.003

Percentile

68.4%

JSON

Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP1001 v1.3C is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim’s computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim’s computer that is operated with an affected receiver of this device.

Affected configurations

Nvd
Node
inateckwp1001_firmwareMatch1.3c
AND
inateckwp1001Match-
VendorProductVersionCPE
inateckwp1001_firmware1.3ccpe:2.3:o:inateck:wp1001_firmware:1.3c:*:*:*:*:*:*:*
inateckwp1001-cpe:2.3:h:inateck:wp1001:-:*:*:*:*:*:*:*

Related

cvelist 1
zdt 1
prion 1
nvd 1
cvelist
cvelist
CVE-2019-12505
2019-06-07 20:04:48
zdt
zdt
Inateck 2.4 GHz Wireless Presenter WP1001 Keystroke Injection Vulnerability
2019-06-05 00:00:00
prion
prion
Design/Logic Flaw
2019-06-07 21:29:00
nvd
nvd
CVE-2019-12505
2019-06-07 21:29:02

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.003

Percentile

68.4%

JSON
Related for CVE-2019-12505
cvelist1zdt1prion1nvd1