Synaptics SynTP.sys Driver Keylogger Vulnerability

Medium Nessus Plugin ID 105300

Synopsis

The remote host contains a kernel driver that is affected by a vulnerability.

Description

The 'SynTP.sys' driver included with Synaptics touch pad software installed on the remote host is affected by a keylogger vulnerability.

Solution

Apply the vendor supplied patch appropriate to your environment.

See Also

https://support.hp.com/us-en/document/c05827409

https://www.synaptics.com/company/blog/touchpad-security-brief

Plugin Details

Severity: Medium

ID: 105300

File Name: synaptics_syntp_sys_keylogger_vuln.nasl

Version: 1.2

Type: local

Agent: windows

Family: Windows

Published: 2017/12/15

Modified: 2018/05/23

Dependencies: 13855

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 4

Vector: CVSS2#AV:L/AC:H/Au:N/C:C/I:N/A:N

CVSS v3.0

Base Score: 6.2

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated, Settings/ParanoidReport

Patch Publication Date: 2017/11/07

Vulnerability Publication Date: 2017/11/07

Reference Information

CVE: CVE-2017-17556

IAVA: 2017-A-0369