silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,176
Two high-severity flaws, discovered in a popular Fujitsu wireless keyboard set, could allow attackers from a short distance away to “eavesdrop” on passwords entered into the keyboards, or even fully takeover a victim’s system.
Making matters worse, the impacted Fujitsu wireless keyboard LX390 reached end-of-life in May 2019 – meaning that a patch is not available and affected users are instead urged to replace their keyboards entirely.
“Fujitsu has released two new wireless keyboard sets named LX410 and LX960 that are not affected by the described security issue,” said Matthias Deeg, researcher with Germany-based SySS, in an advisory sent to Threatpost on Wednesday. “SySS recommends replacing LX390 wireless keyboard sets used in environments with higher security demands, for instance with one of the newer successor models LX410 or LX960.”
The Fujitsu Wireless Keyboard Set LX390 desk set consists of a mouse and a keyboard. The wireless keyboard transmits keystrokes to the desktop wirelessly using a 2.4 GHz-range transceiver.
Fujitsu Wireless Keyboard Plagued By Unpatched Flaws
Two high-severity vulnerabilities in a Fujitsu wireless keyboard expose passwords and allow keystroke injection attacks.
threatpost.com