- #LOGITECH WIRELESS USB SECURE CONNECT MINI RECEIVER HOW TO#
- #LOGITECH WIRELESS USB SECURE CONNECT MINI RECEIVER PATCH#
- #LOGITECH WIRELESS USB SECURE CONNECT MINI RECEIVER BLUETOOTH#
Mengs says this vulnerability exists due to an incomplete fix for CVE-2016-10761, one of the infamous MouseJack vulnerabilities, and that Logitech has no plans on patching this new attack variation.ĬVE-2019-13054 and CVE-2019-13055 are technically the same vulnerability. "Once the data has been collected, arbitrary keystrokes could be injected, when and as often as the attacker likes," Mengs said.įurthermore, when attacking certain type of wireless devices, such as presentation clickers, the attack is even more simple, as the attacker doesn't need actual physical access, as he can infer when a next/previous button has been pressed, and classify the logged radio traffic accordingly. Physical access is required only once, so the attacker can collect enough cryptographic data from the radio traffic. The concept is that an attacker presses between 12 and 20 keys and records the encrypted traffic, which he/she later analyzes and recovers the encryption key. The researcher says the attacker needs physical access to a device to perform this attack. CVE-2019-13053Īccording to Mengs, this is a vulnerability through which an attacker can inject keystrokes into the encrypted communications stream between a USB dongle and a Logitech device, even without knowing the encryption key.
#LOGITECH WIRELESS USB SECURE CONNECT MINI RECEIVER BLUETOOTH#
When the search giant found out that attackers could pair a malicious device to a user's computer because of a weak pairing process in the Bluetooth version of its Titan security key, Google issued a worldwide recall of all impacted Titan keys. This response is the complete opposite to what Google did in a similar situation.
#LOGITECH WIRELESS USB SECURE CONNECT MINI RECEIVER PATCH#
Logitech told Mengs that they don't plan to issue a firmware patch for this vulnerability. This includes both Logitech wireless keyboards using Unifying dongles, but also the dongles of MX Anywhere 2S mice, which can also accept keyboard input.ĭemos are below, and Mengs says the attacks are invisible to users. "With the stolen key, the attacker is able to inject arbitrary keystrokes, as well as to eavesdrop and live decrypt keyboard input remotely," Mengs said.įurthermore, in situations where the attacker has missed the dongle pairing operation, an attacker with physical access to the dongle "could manually initiate a re-pairing of an already paired device to the receiver, in order to obtain the link-encryption key," by simply unplugging and re-plugging the dongle.Īll Logitech Unifying USB dongles that support a keyboard input feature are affected. Mengs says that if an attacker can capture the pairing between a Unifying dongle and a Logitech wireless accessory, the attacker can recover the key used to encrypt traffic between the two components. Users can recognize if they're using a Logitech USB dongle that's vulnerable to these attacks because all Unifying dongles have an orange star printed on one of its sides, as portrayed in these Wikipedia images.īelow is a summary of Mengs' discoveries and Logitech's plan of action. The dongles are often found with the company's wireless keyboards, mice, presentation clickers, trackballs, and more. Unifying is one of Logitech's standard dongle radio technology, and has been shipping with a wide array of Logitech wireless gear for a decade, since 2009.
Logitech "Unifying" dongles are impactedĪccording to Mengs, the vulnerabilities impact all Logitech USB dongles that use the company's proprietary " Unifying" 2.4 GHz radio technology to communicate with wireless devices. Marcus Mengs, the researcher who discovered these vulnerabilities, said he notified Logitech about his findings, and the vendor plans to patch some of the reported issues, but not all. When encryption is used to protect the connection between the dongle and its paired device, the vulnerabilities also allow attackers to recover the encryption key.įurthermore, if the USB dongle uses a "key blacklist" to prevent the paired device from injecting keystrokes, the vulnerabilities allow the bypassing of this security protection system.
The vulnerabilities allow attackers to sniff on keyboard traffic, but also inject keystrokes (even into dongles not connected to a wireless keyboard) and take over the computer to which a dongle has been connected. Remote work vs back to the office? It's not that simpleĪ security researcher has publicly disclosed new vulnerabilities in the USB dongles (receivers) used by Logitech wireless keyboards, mice, and presentation clickers.
#LOGITECH WIRELESS USB SECURE CONNECT MINI RECEIVER HOW TO#
How to become a software engineer at AmazonĬut the cord: Best live TV streaming service This controversial Starbucks move put me off coffeeĬISA warns: Here are 66 more security flaws