CVE Vulnerability

CVE-2018-8117

A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices, aka "Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability." This affects Microsoft Wireless Keyboard 850.

7.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 5.5 / Impact : 9.2

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact NONE

Scope

6.8 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 5.2

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8117 Patch Vendor Advisory
http://www.securityfocus.com/bid/103711 Third Party Advisory VDB Entry
Configurations

Configuration 1

cpe:2.3:h:microsoft:wireless_keyboard_850:-:*:*:*:*:*:*:*
Information

Published : 2018-04-12 01:29

Updated : 2019-10-03 12:03

NVD link : CVE-2018-8117

Mitre link : CVE-2018-8117

Products Affected
No products.
CWE
NVD-CWE-noinfo