CVE-2016-10761

nvd nist

Published: Jun 29, 2019Modified: Nov 21, 2024

6.5

Vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.

Affected (6)

Products: Logitech: K400r Firmware, K360 Firmware, K750 Firmware, K830 Firmware, Unifying Receiver Firmware

5 products

Unifying Receiver Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Logitech K400r Firmware	All versions

Running on/with	Platform Versions
Logitech K400r	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Logitech K360 Firmware	All versions

Running on/with	Platform Versions
Logitech K360	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Logitech K750 Firmware	All versions

Running on/with	Platform Versions
Logitech K750	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Logitech K830 Firmware	All versions

Running on/with	Platform Versions
Logitech K830	All versions

Configuration E

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Logitech Unifying Receiver Firmware	Version 012.001.00019
Logitech Unifying Receiver Firmware	Version 012.003.00025

Running on/with	Platform Versions
Logitech Unifying Receiver	All versions

Related CWEs

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

References (4)

https://github.com/BastilleResearch/mousejack/blob/master/doc/advisories/bastille-2.logitech.public.txt

Source: cve@mitre.org

Third Party Advisory

https://www.kb.cert.org/vuls/id/981271

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

https://github.com/BastilleResearch/mousejack/blob/master/doc/advisories/bastille-2.logitech.public.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.kb.cert.org/vuls/id/981271

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.