Microsoft Wireless Keyboard 850 CVE-2018-8117 Security Feature Bypass

Authors:anonymous              Risk:High
 
CVE:CVE-2018-8117             0day:Security Feature Bypass  

0day-id:0DAY-8117              Date:2018-04-12

Description

A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices. An attacker would first have to extract the AES encryption key from the affected keyboard device. The attacker would also need to maintain physical proximity – within wireless range – of the devices for the duration of the attack.

An attacker could use the vulnerability to inject arbitrary keyboard HID packets into a keyboard’s dongle. For example, an attacker could simulate keystrokes to send malicious commands into a victim’s computer. An attacker could also read keystrokes such as passwords sent by other keyboards for the affected devices.

The update enhances security by mandating unique AES encryption keys are generated for each wireless keyboard device.

Exploitability Assessment

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Publicly Disclosed Exploited Latest Software Release Older Software Release Denial of Service
No No 2 – Exploitation Less Likely 2 – Exploitation Less Likely Not Applicable

 

Affected Products

The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see the Microsoft Support Lifecycle.

Product
Platform
Article
Download
Impact
Severity
Supersedence
Microsoft Wireless Keyboard 850 Information Security Update Security Feature Bypass Important

Mitigations

Microsoft has not identified any mitigating factors for this vulnerability.

 

Workarounds

Microsoft has not identified any workarounds for this vulnerability.

Leave a Reply