WolfVision Cynap versions 1.18g and 1.28j suffer from a hardcoded credential vulnerability.
d6b2f3a38c59dff4dc8014904e4bc9fb7be3b0831749657f9c23488cc4c0a1ff
Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest wireless alarm system can easily be cloned and used to deactivate the alarm system in an unauthorized way. Version 3.01.01 is affected.
9aa96c7e78ac0cc59dc8c9762e90be180a231028ffcc00fc5372b502ed7fcf6c
In this article, the authors want to present an example of exploiting a trust relationship between two technical devices that can put the confidentiality of sensitive data or the integrity of a computer system at risk. This trust relationship they exploit exists between two Bluetooth devices: On the one side a computer system you want to remain secure and you don't want to be compromised, for example your laptop, or your smartphone, and on the other side a Bluetooth device you usually do not consider worth protecting with special diligence as it simply is an output device of a specific kind and does not persistently store any of your valuable data locally, for example headphones.
b73346666342349f472c954f5a015752063415c14b1cc1ea74d10fb17608bf4a
This whitepaper is a case study that analyzes the security of modern bluetooth keyboards. In the course of this research project, SySS GmbH analyzed three currently popular wireless keyboards using Bluetooth technology that can be bought on the Amazon marketplace for security vulnerabilities. The following three devices were tested for security issues from different attacker perspectives: 1byoneKeyboard, LogitechK480, and MicrosoftDesignerBluetoothDesktop (Model1678 2017).
c3809eac9d774959095aaa64f57d5970b03ee8190b8247907992919c1953a04e
Whitepaper call Of Mice and Keyboards. This write up gives you an overview on the security of modern wireless desktop sets.
a23b6c71f4bc4c2bb5db90ee5bab0a7cd56644257573acdf96d51e19d1e89e12
SySS GmbH found out that the 125 kHz RFID technology used by the EASY HOME MAS-S01-09 wireless alarm system has no protection by means of authentication against rogue/cloned RFID tokens. The information stored on the used RFID tokens can be read easily in a very short time from distances up to 1 meter, depending on the used RFID reader. A working cloned RFID token is ready for use within a couple of seconds using freely available tools.
f2b5958d04f9bcacb801da8a3f95c98a49142000d47cd1feadd0ebc033c088f0
Due to an insecure implementation of the used 433 MHz radio communication, the wireless alarm system M2B GSM is vulnerable to replay attacks.
b19e73ae566f67141fff01b385e124ffe916d02b99d2f4b1eb6581a9331a10b9
Due to an insecure implementation of the used 433 MHz radio communication, the wireless alarm system M2B GSM is vulnerable to brute-force attacks.
a33d718d22481da6180fc9af25a09eb7609ae79013ec68a0eb5bd6fddea35071
Microsoft Wireless Desktop 2000 version A suffers from cryptographic issues and replay attacks.
5b91e6090047fef94d34dd0fd973cc4e86a6c54ee1ac8d86d8a8818ca9bfdeca
Wireless Keyboard Set LX901 model GK900 is missing protection against replay attacks.
76381a4aa95212b548a5c57eb1416134f9c09f4ceba809253b945b2d5b315328
Microsoft Wireless Desktop 2000 version A suffers from insufficient protection of code (firmware) and data (cryptographic key).
a2e84bef4f1b103936ce31df00ad89196bd85c85162d189f4577c1a150082ee0
The Perixx PERIDUO-710W KG-1027 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.
f4bc0516c208b0307fe50d327f89c8d288ef83ffc61506179cd54509362894b3
The CHERRY B.UNLIMITED AES JD-0400EU-2/01 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.
1638ec208f8e37eaf9b5a1c43ce2ce9035fedf7e2ee03ce599899ee97a9d2669
The Logitech M520 Y-R0012 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.
b5b536b4797a8eff1eb40c967a4bdf37db110f16f71fc0a6f0da5e15e92a9b27
CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and replay attack vulnerabilities.
3737c6b837cb5779da05eb65eeceaa868fb36d30c20fac2a630e28c5168f4313
Microsoft Wireless Desktop 2000 suffers from insufficient verification of data authenticity and mouse spoofing vulnerabilities.
bc89d14332c2b68a2ee9f6c37aaad16729c3eaea94ed00aa4a432e5198e87c01
Perixx Computer PERIDUO-710W suffers from cryptographic issues and keystroke injection vulnerabilities.
8a417656e3f50e51e5bc8be30c76990235aac75b6972f2542d7dafd6526a1364
Perixx Computer PERIDUO-710W suffers from insufficient protection of code (firmware) and data (cryptographic key).
38f937f8061cad43b21e684ff35b905293604b2bc0497e65235d623d04f62a1c
Perixx Computer PERIDUO-710W suffers from cryptographic issues and replay attack vulnerabilities.
1a00902e3cc0b35718d10d3b1e91ac8b418d375cddc8f60c930a86c9a262dc22
Logitech K520 keyboards suffer form cryptographic issues and insufficient protection against replay attacks.
02220b6a6fed68dae857d702f9529ab8a00d04c1577c2ca7f2ea7e090a2225d2
CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and keystroke injection vulnerabilities.
8d783cf17d0aeb744bc415fcc3f5209b17a3b0f1fec084fd4a66af59968c352f
CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from insufficient protection of code (firmware) and data (cryptographic key).
f1ff00bde501a530edae9d601cb3986ee2e1274ad3e4408f7af68bf525e7d5f6