Intel® Remote Keyboard Unauthenticated Keystroke Injection
Intel ID: INTEL-SA-00122
Product family: Intel® Remote Keyboard
Impact of vulnerability: Elevation of Privilege
Severity rating: Critical
Original release: Apr 03, 2018
Intel has issued a Product Discontinuation notice for Intel® Remote Keyboard and recommends that users of the Intel® Remote Keyboard uninstall it at their earliest convenience.
CVE-2018-3641:
Escalation of privilege in all versions of the Intel® Remote Keyboard allows a network attacker to inject keystrokes as a local user. Intel would like to thank @trotmaster99 for reporting this issue and working with us on coordinated disclosure.
CVE-2018-3645:
Escalation of privilege in all versions of the Intel® Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session. Intel would like to thank Mark Barnes for reporting this issue and working with us on coordinated disclosure.
