Kunetseka kutsva kwakawanikwa muLogitech USB vanogamuchira

Logitech USB

Mumwe muongorori wezvekuchengetedza akawana huwandu hwekushushikana muvanogamuchira USB inoshandiswa ne logitech keyboards, mbeva, uye mharidzo yekusarudza.

Kunetseka uku kunogona kubvumira munhu akashata kuti asango tevera mabhatani ako, asi zvakare jekiseni maabovhoni avo., ichikubvumidza iwe kutora mukana wecomputer yakabatana ne USB inogamuchira. Kana encryption ikaitwa kuchengetedza kubatana pakati penhepfenyuro nedhijitari yayo mudziyo, izvi zvinokuvadza zvakare zvinobvumidza varwisi kuti vatore kiyi yekunyorera.

Zvakare, kana kiyi yeUSB ikashandisa "kiyi nhema runyorwa" kudzivirira chishandiso chakabaya jekiseni mabhatani, hurema hunobvumira ino chengetedzo dziviriro system kupfuurwa.

Uku ndiko kunetseka kunowanikwa muLogitech USB vanogamuchira

Maererano neshumo, zvese zvishandiso zveLogitech zvisina waya zvinoshandisa Unifying radio technology zvinokanganiswa yeidzi kushushikana kunoonekwa neCVE-2019-13052, CVE-2019-13053, CVE-2019-13054 uye CVE-2019-13055.

Marcus Mengs, muongorori uyo akawana hurema uhwu, yakati yakaudza Logitech yezvaakawana uye kuti mutengesi akaronga kugadzirisa zvimwe, asi kwete zvese, zvezvinhu zvakataurwa.

CVE-2019-13052

Iyo CVE-2019-13052 kunetseka inogona kubvumira mubiridzi kuti abvise kutaurirana nekombuta host kana vakanyoresa kusangana pakati peyekushandisa mudziyo uye iyo inomiririra komputa.

"Nekiyi yakabiwa, anorwisa anogona kuwedzera mabhatani echimurenga, pamwe nekutsvagisa nekumisikidza zvigadzirwa zvekhibhodi zviri kure munguva chaiyo," akadaro Mengs.

Zvakare, mune zviitiko apo ma cybercriminals arasikirwa neakakosha kusunga mashandiro, anorwisa ane mukana wekuwana kune anogamuchira 'anogona nemaoko kutanga kuisazve pairing yechigadzirwa chatove chakabatana neanogamuchira, kuitira kuti:' uwane kiyi yekunyorwa kweiyo batanidza nekungodimbura nekubatanidzazve kiyi '.

CVE-2019-13053

Zvinoenderana naMengs, senge yapfuura, Uku kunetsekana kunotendera anorwisa kuti awedzere mabhatani mune yakavharidzirwa kutaurirana rwizi pakati pekiyi ye USB neLogitech mudziyo., kunyangwe pasina kuziva kiyi yekunyorera.

Iye muongorori akati mutambi wekutyisidzira angangoda mukana wemuviri wechigadzirwa kuti aite izvi.

Pfungwa iyi ndeyekutsikirira pakati pegumi nemaviri nemakumi maviri makiyi uye inorekodha traffic yakavharidzirwa, iyo inozoongorora nekudzosera kiyi yekunyorera.

Sezvo kuwanikwa kwemuviri kuchingodiwa kamwe chete, anorwisa anogona kuunganidza yakaringana cryptographic dhata pane redhiyo traffic.

"Kana iyo data yaunganidzwa, mabhatani ekudzivirira anogona kubayiwa jekiseni," akadaro Mengs.

CVE-2019-13054

Este inoshandiswa seyekushomeka kukanganisa chiratidzo muLogitech R500 uye Logitech SPOTLIGHT vanoratidzira vanosarudzanepo iyo CVE -2019-13055 ichishandiswa kune mamwe ese maLogitech zvishandiso zvinoshandisa Unifying kiyi.

Chikonzero icho Logitech's mharidzo yekusarudzika yakarongedzwa muzvikamu zvakasiyana ndeyekuti anorwisa anogona zvakare kupfuura "matema kiyi runyorwa" uye jekiseni makiyi musanganiswa pakati peA neZ, iyo, nehunyanzvi, haifanire kunge Inoenderana nemidziyo yekuratidzira.

Pamusoro pekukuvara kwayakawana mumwedzi mishoma yapfuura, Mengs akayambirawo kuti akawanda maLogitech Unifying dongles achiri kutambura kune yekare MouseJack kusagadzikana kwakaratidzwa muna 2016.

Kubva pamatambudziko CVE-2019-13054 kusvika kuCVE-2019-13055 nehunyanzvi izvi zvine njodzi imwechete. Sezvo izvo zvinokanganisa zvinoda kuwanikwa kwemuviri neanorwisa kuKubatanidza Kiyi yeLogitech chishandiso kuitira kuti ishandiswe zvinobudirira.

Sekureva kwaMengs, makiyi anouya nemirairo isina magwaro uye isina kukodzera dziviriro yedata iyo inobvumidza anorwisa kurasa makiyi ekuvharira akachengetwa pane vanogamuchira.

Kurwiswa kuzere kunotora sekondi kuti iite uye kana iyo yekubira iine makiyi ekuvharira, vanogona kuona mushandisi mabhatani kana kujekesa avo vega kuti vaite mashandiro akaipa uye kutora makomputa.

Logitech akaudza Mengs kuti gadziriso yenyaya iyi yakarongwa muna Nyamavhuvhu 2019.


Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Iva wekutanga kutaura

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako