Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-8360

Опубликовано: 12 мая 2017
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. In mictray64.exe (mic tray icon) 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: debug messages accessible to any process that is running in the current user session, and filesystem access to C:\Users\Public\MicTray.log by any process.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:conexant:mictray64:*:*:*:*:*:*:*:*
Версия до 1.0.0.46 (включая)

Одно из

cpe:2.3:h:hp:elite_x2_1012_g1:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_1030_g1:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_725_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_745_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_755_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_820_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_828_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_840_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_848_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_850_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_folio_1040_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_folio_g1:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_430_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_440_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_446_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_450_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_455_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_470_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_640_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_645_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_650_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_655_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:zbook_15_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:zbook_15u_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:zbook_17_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:zbook_studio_g3:-:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*

EPSS

Процентиль: 42%
0.00201
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-cfm5-hvqf-hqgc

CVSS3: 5.5
github
больше 3 лет назад

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. In mictray64.exe (mic tray icon) 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: debug messages accessible to any process that is running in the current user session, and filesystem access to C:\Users\Public\MicTray.log by any process.

EPSS

Процентиль: 42%
0.00201
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200