ID CVE-2016-6257
Summary The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system by leveraging proximity to the dongle, aka a "KeyJack injection attack."
References
Vulnerable Configurations
  • cpe:2.3:o:amazonbasics:firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:amazonbasics:firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:amazonbasics:usb_dongle:-:*:*:*:*:*:*:*
    cpe:2.3:h:amazonbasics:usb_dongle:-:*:*:*:*:*:*:*
  • cpe:2.3:h:amazonbasics:wireless_keyboard:-:*:*:*:*:*:*:*
    cpe:2.3:h:amazonbasics:wireless_keyboard:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:km714_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:h:dell:km714_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:km714_dongle:-:*:*:*:*:*:*:*
    cpe:2.3:h:dell:km714_dongle:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:km714_wireless_keyboard:-:*:*:*:*:*:*:*
    cpe:2.3:h:dell:km714_wireless_keyboard:-:*:*:*:*:*:*:*
  • cpe:2.3:o:dell:km632_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:dell:km632_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:km632_dongle:-:*:*:*:*:*:*:*
    cpe:2.3:h:dell:km632_dongle:-:*:*:*:*:*:*:*
  • cpe:2.3:h:dell:km632_wireless_keyboard:-:*:*:*:*:*:*:*
    cpe:2.3:h:dell:km632_wireless_keyboard:-:*:*:*:*:*:*:*
  • cpe:2.3:o:logitech:unifying_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:logitech:unifying_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:logitech:unifying_dongle:-:*:*:*:*:*:*:*
    cpe:2.3:h:logitech:unifying_dongle:-:*:*:*:*:*:*:*
  • cpe:2.3:o:lenovo:ultraslim_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:lenovo:ultraslim_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:lenovo:ultraslim_dongle:-:*:*:*:*:*:*:*
    cpe:2.3:h:lenovo:ultraslim_dongle:-:*:*:*:*:*:*:*
  • cpe:2.3:h:lenovo:ultraslim_wireless_keyboard:-:*:*:*:*:*:*:*
    cpe:2.3:h:lenovo:ultraslim_wireless_keyboard:-:*:*:*:*:*:*:*
CVSS
Base: 3.3 (as of 12-08-2016 - 16:27)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:A/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 92179
confirm https://support.lenovo.com/product_security/len_7267
misc
Last major update 12-08-2016 - 16:27
Published 02-08-2016 - 14:59
Last modified 12-08-2016 - 16:27
Back to Top