Keystroke Injection Vulnerability in Fujitsu Wireless Keyboard Set LX901
CVE-2019-9835

9.6CRITICAL

Key Information:

Vendor

Fujitsu

Status
Lx901 Firmware
Vendor
CVE Published:
15 March 2019

What is CVE-2019-9835?

The Fujitsu Wireless Keyboard Set LX901 GK900 devices are susceptible to a security flaw where the receiver component allows keystroke injection by accepting unencrypted 2.4 GHz packets. This poses a risk as it deviates from the expected secure communication protocol, where legitimate data transmission should use AES encryption, potentially enabling attackers to intercept or manipulate user inputs.

References

https://www.syss.de/fileadmin/dokumente/Publikationen/Adv...
x_refsource_MISC
http://www.securityfocus.com/bid/107440
vdb-entryx_refsource_BID

CVSS V3.1

Score:
9.6
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.