Vulnerability Details CVE-2019-18201
An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, an attacker is able to eavesdrop on sensitive data such as passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://packetstormsecurity.com/files/154955/Fujitsu-Wireless-Keyboard-Set-LX390-Missing-Encryption.html
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-010.txt
- https://www.syss.de/pentest-blog/2019/syss-2019-009-syss-2019-010-und-syss-2019-011-schwachstellen-in-weiterer-funktastatur-mit-sicherer-24-ghz-technologie/
- http://packetstormsecurity.com/files/154955/Fujitsu-Wireless-Keyboard-Set-LX390-Missing-Encryption.html
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-010.txt
- https://www.syss.de/pentest-blog/2019/syss-2019-009-syss-2019-010-und-syss-2019-011-schwachstellen-in-weiterer-funktastatur-mit-sicherer-24-ghz-technologie/
Products affected by CVE-2019-18201
-
cpe:2.3:h:fujitsu:lx390:gk381
-
cpe:2.3:o:fujitsu:lx390_firmware:-