Lucene search
K

384 matches found

Prion
Prion
added 2019/06/29 8:15 p.m.11 views

Code injection

Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed...

3.3CVSS6.5AI score0.00673EPSS
Exploits1References1
Prion
Prion
added 2019/06/29 8:15 p.m.17 views

Design/Logic Flaw

Certain Logitech Unifying devices allow attackers to dump AES keys and addresses, leading to the capability of live decryption of Radio Frequency transmissions, as demonstrated by an attack against a Logitech K360 keyboard...

3.3CVSS6.5AI score0.01033EPSS
Exploits1References1
CVE
CVE
added 2019/06/29 7:7 p.m.71 views

CVE-2019-13055

Logitech Unifying devices are affected by CVE-2019-13055, where an attacker can dump AES keys and addresses, enabling live decryption of RF transmissions (demonstrated against a K360 keyboard). The connected sources corroborate information disclosure via the Unifying receiver; root cause and affe...

6.5CVSS6.5AI score0.01033EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/06/29 7:7 p.m.20 views

CVE-2019-13055

Certain Logitech Unifying devices allow attackers to dump AES keys and addresses, leading to the capability of live decryption of Radio Frequency transmissions, as demonstrated by an attack against a Logitech K360 keyboard...

6.5AI score0.01033EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/06/29 7:6 p.m.19 views

CVE-2019-13054

The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to keystroke injection. On Windows, any text may be injected by using ALT+NUMPAD input to bypass the restriction on the characters A through Z...

6.8AI score0.00849EPSS
Exploits1References1
CVE
CVE
added 2019/06/29 7:6 p.m.60 views

CVE-2019-13054

The CVE-2019-13054 entry concerns Logitech R500 wireless presentation clickers. Connected sources describe a vulnerability allowing an attacker to determine the AES key, enabling keystroke injection. On Windows, text can be injected by abusing ALT+NUMPAD input to bypass the A–Z character restrict...

6.5CVSS6.7AI score0.00849EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/06/29 7:6 p.m.78 views

CVE-2019-13053

CVE-2019-13053 describes a keystroke injection vulnerability in Logitech Unifying devices. The issue allows an attacker to inject keystrokes and bypass encryption by pressing a specific “magic” key combination while listening to the RF transmission. The vulnerability is noted as a consequence of ...

6.5CVSS6.6AI score0.00544EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/06/29 7:6 p.m.31 views

CVE-2019-13053

Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...

6.6AI score0.00544EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/06/29 7:6 p.m.31 views

CVE-2016-10761

Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...

6.5AI score0.00745EPSS
Exploits0References2
CVE
CVE
added 2019/06/29 7:6 p.m.83 views

CVE-2016-10761

CVE-2016-10761 affects Logitech Unifying devices prior to 2016-02-26, enabling keystroke injection and bypassing encryption (MouseJack). The NVD entry lists low to medium severity (CVSS v2 base 3.3, CVSS v3 base 6.5) with adjacent, low-complexity exploitation and no user interaction required. Pub...

6.5CVSS6.5AI score0.00745EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/06/29 7:5 p.m.20 views

CVE-2019-13052

Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed...

6.5AI score0.00673EPSS
Exploits1References1
CVE
CVE
added 2019/06/29 7:5 p.m.74 views

CVE-2019-13052

CVE-2019-13052 concerns Logitech Unifying devices where, if the pairing between a keyboard and its receiver is sniffed, an attacker could achieve live decryption of the communication. The core details across connected records identify the affected class as Logitech Unifying devices and describe a...

6.5CVSS6.5AI score0.00673EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/06/07 9:29 p.m.4 views

CVE-2019-12506

Due to unencrypted and unauthenticated data communication, the wireless presenter Logitech R700 Laser Presentation Remote R-R0010 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target...

8.8CVSS7.4AI score0.01347EPSS
Exploits2References4
Prion
Prion
added 2019/06/07 9:29 p.m.13 views

Design/Logic Flaw

Due to unencrypted and unauthenticated data communication, the wireless presenter Logitech R700 Laser Presentation Remote R-R0010 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target...

8.3CVSS8.9AI score0.01347EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2019/06/07 8:26 p.m.12 views

CVE-2019-12506

Due to unencrypted and unauthenticated data communication, the wireless presenter Logitech R700 Laser Presentation Remote R-R0010 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target...

9AI score0.01347EPSS
Exploits2References4
CVE
CVE
added 2019/06/07 8:26 p.m.207 views

CVE-2019-12506

CVE-2019-12506 affects the Logitech R700 Laser Presentation Remote R-R0010. The vulnerability arises from unencrypted and unauthenticated wireless communication, enabling keystroke injection and allowing an attacker to send arbitrary keystrokes to a victim’s computer when the receiver is in range...

8.8CVSS8.9AI score0.01347EPSS
Exploits2References4Affected Software1
CNVD
CNVD
added 2019/06/05 12:0 a.m.2 views

Logitech R700 Laser Presentation Remote R-R0010 Injection Vulnerability

The Logitech R700 Laser Presentation Remote R-R0010 is a wireless presentation remote control from Logitech Switzerland. An injection vulnerability exists in Logitech R700 Laser Presentation Remote R-R0010. The vulnerability arises when, during user input to construct commands, data structures, o...

8.8CVSS7.4AI score0.01347EPSS
Exploits2References1
0day.today
0day.today
added 2019/06/05 12:0 a.m.141 views

Logitech R700 Laser Presentation Remote Keystroke Injection Vulnerability

Product: R700 Laser Presentation Remote Manufacturer: Logitech Affected Versions: Model R-R0010 PID WD904XM and PID WD802XM Tested Versions: Model R-R0010 PID WD904XM and PID WD802XM Vulnerability Type: Insufficient Verification of Data Authenticity CWE-345 Keystroke Injection Vulnerability Risk...

8.8CVSS0.6AI score0.01347EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2019/05/13 12:0 a.m.29 views

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1480)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance PI futexes. ...

7.8CVSS7.3AI score0.37233EPSS
Exploits28References22
ThreatPost
ThreatPost
added 2019/03/05 5:2 a.m.108 views

BSides SF 2019: Remote-Root Bug in Logitech Harmony Hub Patched and Explained

SAN FRANCISCO – Users of Logitech’s Harmony Hub have been wide open to an attack for years because of four unpatched vulnerabilities that left any IoT device connected at risk to remote takeover. The bugs were patched by Logitech in November, but for the first time the researchers that discovered...

9.3CVSS9.6AI score0.03699EPSS
Exploits3References12
Rows per page
Query Builder