N/A

The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system by leveraging proximity to the dongle, aka a "KeyJack injection attack."

N/A

N/A

Lenovo Ultraslim保护器安全漏洞

Lenovo Liteon SK-8861等都是中国联想公司的产品。Lenovo Liteon SK-8861是一款无线键盘。Lenovo Ultraslim dongles是一款软件保护器。 Lenovo Ultraslim保护器中的固件存在安全漏洞，该漏洞源于程序没有正确执行增量AES计数器。远程攻击者可借助特制的保护器利用该漏洞注入加密的键盘输入到系统。使用该软件的以下产品受到影响：Lenovo Liteon SK-8861，Ultraslim Wireless，Silver Silk keyboa

N/A

N/A