CVE-2019-9835

High

9.6/10

Summary

The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set LX901 GK900 devices allows Keystroke Injection. This occurs because it accepts unencrypted 2.4 GHz packets, even though all legitimate communication uses AES encryption.

Attack Complexity: LOW
Attack Vector: ADJACENT_NETWORK
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

References

Advisory Timeline

Published Mar 15, 2019

CVE-2019-9835

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS