Code injection

An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption...

Corsair K63 Mechanical Gaming Keyboard 安全漏洞

Corsair K63 Mechanical Gaming Keyboard is a wireless gaming keyboard from Corsair. A security vulnerability exists in the Corsair K63 Mechanical Gaming Keyboard version 3.1.3, which stems from a lack of AES encryption...

CVE-2019-18201

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, an attacker is able to eavesdrop on sensitive data such as passwords...

CVE-2019-18201

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, an attacker is able to eavesdrop on sensitive data such as passwords...

CVE-2019-18201

CVE-2019-18201 affects Fujitsu Wireless Keyboard Set LX390 GK381 devices. Root cause: 2.4 GHz communications lack proper encryption, enabling an attacker to sniff keystrokes and other sensitive data (passwords). The issue is documented with high severity (CVSS 3.1: HIGH) and has been linked to pr...

CVE-2019-18199

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, and because of password-based authentication, they are vulnerable to replay attacks...

Design/Logic Flaw

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, and because of password-based authentication, they are vulnerable to replay attacks...

CVE-2019-18200

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, they are prone to keystroke injection attacks...

CVE-2019-18200

CVE-2019-18200 affects Fujitsu Wireless Keyboard Set LX390 GK381. Root cause: 2.4 GHz communications were not properly encrypted, enabling keystroke injection attacks via crafted data packets or injection of keystrokes. The Threatpost report describes PoC attacks that can inject keystrokes at sho...

CVE-2019-18199

The CVE-2019-18199 entry concerns Fujitsu Wireless Keyboard Set LX390 GK381. The issue stems from insufficient protection of 2.4 GHz communications and password-based authentication, enabling replay attacks. Affected hardware is the Fujitsu Wireless Keyboard Set LX390 GK381; the vulnerability det...

Fujitsu Wireless Keyboard Plagued By Unpatched Flaws

Two high-severity flaws, discovered in a popular Fujitsu wireless keyboard set, could allow attackers from a short distance away to “eavesdrop” on passwords entered into the keyboards, or even fully takeover a victim’s system. Making matters worse, the impacted Fujitsu wireless keyboard LX390...

CVE-2019-9835

CVE-2019-9835 concerns the Fujitsu Wireless Keyboard Set LX901 GK900 receiver (bridge). The root cause is that the receiver accepts unencrypted 2.4 GHz packets, while legitimate communication uses AES; this enables keystroke injection. Metrics show a CVSS v3.0 base score of 9.6 (critical, adjacen...

CVE-2018-8117

A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices, aka "Microsoft Wireless Keyboard...

CVE-2018-8117

A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices, aka "Microsoft Wireless Keyboard...

Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices. An attacker would first have to...

Radio Hack Box - Tool to Demonstrate Vulnerabilities in Wireless Input Devices

The SySS Radio Hack Box is a proof-of-concept software tool to demonstrate the replay and keystroke injection vulnerabilities of the wireless keyboard Cherry B.Unlimited AES. Requirements Raspberry Pi Raspberry Pi Radio Hack Box shield a LCD, some LEDs, and some buttons nRF24LU1+ USB radio dongle...

Wireless Keyboard Set LX901 GK900 Replay Attack

Exploit for multiple platform in category local exploits Product: Wireless Keyboard Set LX901 Manufacturer: Fujitsu Affected Versions: Model No. GK900 Tested Versions: Model No. GK900 Vulnerability Type: Cryptographic Issues CWE-310 Missing Protection against Replay Attacks Risk Level: Medium...

Microsoft Wireless Desktop 2000 Insufficent Protection

Exploit for windows platform in category local exploits Product: Microsoft Wireless Desktop 2000 Manufacturer: Microsoft Affected Versions: Ver. A Tested Versions: Ver. A Vulnerability Type: Insufficient Protection of Code Firmware and Data Cryptographic Key Risk Level: Medium Solution Status: Op...

Lenovo 500 Wireless Keyboard or Mouse Keystroke Injection - Lenovo Support US

No description provided...

CHERRY B.UNLIMITED AES JD-0400EU-2/01 Crypto Issues / Replay Attacks

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2016-031 Product: CHERRY B.UNLIMITED AES Manufacturer: Cherry GmbH Affected Versions: JD-0400EU-2/01 Tested Versions: JD-0400EU-2/01 Vulnerability Type: Cryptographic Issues CWE-310 Missing Protection against Replay Attacks Risk...