// For flags

CVE-2019-9835

 

Severity Score

9.6
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set LX901 GK900 devices allows Keystroke Injection. This occurs because it accepts unencrypted 2.4 GHz packets, even though all legitimate communication uses AES encryption.

El componente del recibidor (también conocido como bridge) de los dispositivos Fujitsu Wireless Keyboard Set LX901 y GK900 permite la inyección de pulsaciones de tecla. Esto ocurre porque acepta paquetes de 2.4 GHz sin cifrar, incluso aunque todas las comunicaciones legítimas emplean el cifrado AES.

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Adjacent
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-03-15 CVE Reserved
  • 2019-03-15 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-04 CVE Updated
  • 2024-08-04 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Fujitsu
Search vendor "Fujitsu"
 Lx901 Firmware
Search vendor "Fujitsu" for product "Lx901 Firmware"
--
Affected
in Fujitsu
Search vendor "Fujitsu"
 Lx901
Search vendor "Fujitsu" for product "Lx901"
--
Safe
Fujitsu
Search vendor "Fujitsu"
 Gk900 Firmware
Search vendor "Fujitsu" for product "Gk900 Firmware"
--
Affected
in Fujitsu
Search vendor "Fujitsu"
 Gk900
Search vendor "Fujitsu" for product "Gk900"
--
Safe