Vulnerabilities in the USB receivers used by Logitech wireless keyboards, mice, as well as presentation clickers have been detected by security researcher. With the help of these vulnerabilities a malicious party can eavesdrop on keystrokes. They can also inject their own keystrokes and all this can lead towards taking over the PC connected to the USB receiver.
As per an online report, by these vulnerabilities all Logitech wireless input devices with unifying radio technology are affected. Since 2009 Logitech has been Selling products with their unifying radio technology.
In German publication’s report security expert Marcus Mengs highlighted the Logitech vulnerabilities. Mr Marcus Mengs has been working with the Logitech to get them patched. As per the reports Logitech will not be patching all the vulnerabilities. Company will fix just some of them because patching all would likely to affect the compatibility between devices using Unifying radio technology.
Company uses Unifying radio technology in their many products. Entry-level devices as well as high-end models are using this technology. With this technology a single Unified receiver can use up to six compatible input devices. By looking at a small orange star logo we can identify affected USB receivers.
c’t states highlighted two main vulnerabilities that company doesn’t plan to fix – CVE-2019-13053 & CVE-2019-13052. By using CVE-2019-13053 vulnerability an attacker can insert any chosen keyboard input into the encrypted radio traffic. He do not need to know the cryptographic key used.
With the help of CVE-2019-13052 flaw an attacker can decrypt the encrypted communication between the input devices and the host computer, if they have noted the
between these two devices, input device and host computer. Check more updates
We recommend users to keep their devices safe and away from strangers. No strangers should physically manipulate your devices.
Related post: Hp Printer not printing