CVE-2015-3320

Published: Apr 16, 2015Modified: May 6, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 includes active debugging code in SKHOOKS.DLL, which allows local users to obtain keypress information by accessing debug output.

Affected (1)

Products: Lenovo: Usb Enhanced Performance Keyboard

Lenovo

1 product

Usb Enhanced Performance Keyboard

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Lenovo Usb Enhanced Performance Keyboard	Up to 2.0.2.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.securityfocus.com/bid/74196

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/74196

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.