ID CVE-2018-8117
Summary A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices, aka "Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability." This affects Microsoft Wireless Keyboard 850.
References
Vulnerable Configurations
  • cpe:2.3:h:microsoft:wireless_keyboard_850
    cpe:2.3:h:microsoft:wireless_keyboard_850
CVSS
Base: 7.3
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
msbulletin via4
bulletin_SOURCE_FILE https://portal.msrc.microsoft.com/api/security-guidance/en-us/
cves_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8117
impact Security Feature Bypass
knowledgebase_SOURCE_FILE
knowledgebase_id
name Microsoft Wireless Keyboard 850
publishedDate 2018-04-10T07:00:00
severity Important
refmap via4
bid 103711
confirm https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8117
Last major update 11-04-2018 - 21:29
Published 11-04-2018 - 21:29
Last modified 23-05-2018 - 14:53
Back to Top