The dongles are often found with the company's wireless keyboards, mice, presentation clickers, trackballs, and more. Unifying is one of Logitech's standard dongle radio technology, and has been shipping with a wide array of Logitech wireless gear for a decade, since 2009. Logitech "Unifying" dongles are impactedĪccording to Mengs, the vulnerabilities impact all Logitech USB dongles that use the company's proprietary " Unifying" 2.4 GHz radio technology to communicate with wireless devices. Marcus Mengs, the researcher who discovered these vulnerabilities, said he notified Logitech about his findings, and the vendor plans to patch some of the reported issues, but not all. When encryption is used to protect the connection between the dongle and its paired device, the vulnerabilities also allow attackers to recover the encryption key.įurthermore, if the USB dongle uses a "key blacklist" to prevent the paired device from injecting keystrokes, the vulnerabilities allow the bypassing of this security protection system. The vulnerabilities allow attackers to sniff on keyboard traffic, but also inject keystrokes (even into dongles not connected to a wireless keyboard) and take over the computer to which a dongle has been connected. A security researcher has publicly disclosed new vulnerabilities in the USB dongles (receivers) used by Logitech wireless keyboards, mice, and presentation clickers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |