Skip to main content

Wireless Keyboard 850 CVE-2018-8117

MEDIUM
2018-04-12 secure@microsoft.com
6.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
6.8 MEDIUM
AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Apr 12, 2018 - 01:29 nvd
MEDIUM 6.8

DescriptionNVD

A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices, aka "Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability." This affects Microsoft Wireless Keyboard 850.

AnalysisAI

A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required.

Technical ContextAI

A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices, aka "Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability." This affects Microsoft Wireless Keyboard 850. Affected products include: Microsoft Wireless Keyboard 850.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2018-8117 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy