CVE-2019-18200

Опубликовано: 24 окт. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, they are prone to keystroke injection attacks.

Ссылки

http://packetstormsecurity.com/files/154956/Fujitsu-Wireless-Keyboard-Set-LX390-Keystroke-Injection.html
Exploit
Third Party Advisory
VDB Entry
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-011.txt
Exploit
Third Party Advisory
https://www.syss.de/pentest-blog/2019/syss-2019-009-syss-2019-010-und-syss-2019-011-schwachstellen-in-weiterer-funktastatur-mit-sicherer-24-ghz-technologie/
Third Party Advisory
http://packetstormsecurity.com/files/154956/Fujitsu-Wireless-Keyboard-Set-LX390-Keystroke-Injection.html
Exploit
Third Party Advisory
VDB Entry
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-011.txt
Exploit
Third Party Advisory
https://www.syss.de/pentest-blog/2019/syss-2019-009-syss-2019-010-und-syss-2019-011-schwachstellen-in-weiterer-funktastatur-mit-sicherer-24-ghz-technologie/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:fujitsu:lx390_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:fujitsu:lx390:gk381:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00326

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-w9c2-rgxr-jgfg

github

больше 3 лет назад