July 9, 2019 05:40 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/gioxFvzNa4k/logitech-wireless-usb-dongles-vulnerable-to-new-hijacking-flaws
Logitech Wireless USB Dongles Vulnerable To New Hijacking Flaws
A security researcher has publicly disclosed new vulnerabilities in the USB dongles (receivers) used by Logitech wireless keyboards, mice, and presentation clickers. New submitter raikoseagle shares a report: The vulnerabilities allow attackers to sniff on keyboard traffic, but also inject keystrokes (even into dongles not connected to a wireless keyboard) and take over the computer to which a dongle has been connected. When encryption is used to protect the connection between the dongle and its paired device, the vulnerabilities also allow attackers to recover the encryption key. Furthermore, if the USB dongle uses a "key blacklist" to prevent the paired device from injecting keystrokes, the vulnerabilities allow the bypassing of this security protection system. Marcus Mengs, the researcher who discovered these vulnerabilities, said he notified Logitech about his findings, and the vendor plans to patch some of the reported issues, but not all.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/gioxFvzNa4k/logitech-wireless-usb-dongles-vulnerable-to-new-hijacking-flaws
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot