INTEL-SA-00122: Intel Remote Keyboard Unauthenticated Keystroke Injection

Intel® Remote Keyboard Unauthenticated Keystroke Injection

Intel ID: INTEL-SA-00122
Product family: Intel® Remote Keyboard
Impact of vulnerability: Elevation of Privilege
Severity rating: Critical
Original release: Apr 03, 2018

Intel has issued a Product Discontinuation notice for Intel® Remote Keyboard and recommends that users of the Intel® Remote Keyboard uninstall it at their earliest convenience.

CVE-2018-3641:
Escalation of privilege in all versions of the Intel® Remote Keyboard allows a network attacker to inject keystrokes as a local user. Intel would like to thank @trotmaster99 for reporting this issue and working with us on coordinated disclosure.

CVE-2018-3645:
Escalation of privilege in all versions of the Intel® Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session. Intel would like to thank Mark Barnes for reporting this issue and working with us on coordinated disclosure.

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s