Logitech Unifying Receiver Key Injection (MouseJack)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote host has used a wireless USB keyboard device that is
potentially affected by a wireless key injection vulnerability.

Description :

The remote Windows host has used a Logitech Unifying Receiver wireless
USB device with firmware version 12.01 or 12.03. It is potentially
affected by a wireless key injection vulnerability that allows a
physically local attacker to send keystrokes to the host.

Note that Nessus cannot determine when the USB device was last used on
the remote host, just that is has been previously used.

See also :

https://secure.logitech.com/en-us/promotions/6072
https://www.mousejack.com/

Solution :

Unplug the Logitech Unifying Receiver wireless USB device from the
host until the vendor issues a firmware update or patch.

Risk factor :

Medium / CVSS Base Score : 6.2
(CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.1
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 88905 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now