Rapid7 Vulnerability & Exploit Database

Insecure wireless keyboard installed

Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published: 12/05/2007
Created: 07/25/2018
Added: 12/05/2007
Modified: 12/04/2013

Description

The system was found to have the drivers for an insecure wireless keyboard installed. Certain non-Bluetooth wireless keyboards (including some manufactured by Microsoft and Logitech) are designed with very weak encryption that is trivially easy to defeat. The result is that a remote attacker equipped with a laptop and a small antenna can capture every keystroke from all wireless keyboards operating within at least a 10m (32ft) radius (through walls and floors). With a more powerful antenna, keystrokes can likely be captured from much farther away.

This vulnerability stems from a fundamental design flaw in the RF protocol used by these 27MHz wireless devices, causing them to be even less secure than Bluetooth-based keyboards.

Note that due to the mechanisms used to detect this vulnerability on Windows systems, it is possible that the device is no longer actively connected to the system (although it is certain that the device WAS connected to the system in the past). This is still important when you consider that laptops with sensitive company data are frequently taken off-site and connected to other peripherals (for example, a user who plugs his company laptop into a wireless keyboard at home).

Solution(s)

  • discontinue-insecure-wireless-keyboard-usage
