Mumwe muongorori wezvekuchengetedza akawana huwandu hwekushushikana muvanogamuchira USB inoshandiswa ne logitech keyboards, mbeva, uye mharidzo yekusarudza.
Kunetseka uku kunogona kubvumira munhu akashata kuti asango tevera mabhatani ako, asi zvakare jekiseni maabovhoni avo., ichikubvumidza iwe kutora mukana wecomputer yakabatana ne USB inogamuchira. Kana encryption ikaitwa kuchengetedza kubatana pakati penhepfenyuro nedhijitari yayo mudziyo, izvi zvinokuvadza zvakare zvinobvumidza varwisi kuti vatore kiyi yekunyorera.
Zvakare, kana kiyi yeUSB ikashandisa "kiyi nhema runyorwa" kudzivirira chishandiso chakabaya jekiseni mabhatani, hurema hunobvumira ino chengetedzo dziviriro system kupfuurwa.
The
Uku ndiko kunetseka kunowanikwa muLogitech USB vanogamuchira
Maererano neshumo, zvese zvishandiso zveLogitech zvisina waya zvinoshandisa Unifying radio technology zvinokanganiswa yeidzi kushushikana kunoonekwa neCVE-2019-13052, CVE-2019-13053, CVE-2019-13054 uye CVE-2019-13055.
Marcus Mengs, muongorori uyo akawana hurema uhwu, yakati yakaudza Logitech yezvaakawana uye kuti mutengesi akaronga kugadzirisa zvimwe, asi kwete zvese, zvezvinhu zvakataurwa.
CVE-2019-13052
Iyo CVE-2019-13052 kunetseka inogona kubvumira mubiridzi kuti abvise kutaurirana nekombuta host kana vakanyoresa kusangana pakati peyekushandisa mudziyo uye iyo inomiririra komputa.
"Nekiyi yakabiwa, anorwisa anogona kuwedzera mabhatani echimurenga, pamwe nekutsvagisa nekumisikidza zvigadzirwa zvekhibhodi zviri kure munguva chaiyo," akadaro Mengs.
Zvakare, mune zviitiko apo ma cybercriminals arasikirwa neakakosha kusunga mashandiro, anorwisa ane mukana wekuwana kune anogamuchira 'anogona nemaoko kutanga kuisazve pairing yechigadzirwa chatove chakabatana neanogamuchira, kuitira kuti:' uwane kiyi yekunyorwa kweiyo batanidza nekungodimbura nekubatanidzazve kiyi '.
CVE-2019-13053
Zvinoenderana naMengs, senge yapfuura, Uku kunetsekana kunotendera anorwisa kuti awedzere mabhatani mune yakavharidzirwa kutaurirana rwizi pakati pekiyi ye USB neLogitech mudziyo., kunyangwe pasina kuziva kiyi yekunyorera.
Iye muongorori akati mutambi wekutyisidzira angangoda mukana wemuviri wechigadzirwa kuti aite izvi.
Pfungwa iyi ndeyekutsikirira pakati pegumi nemaviri nemakumi maviri makiyi uye inorekodha traffic yakavharidzirwa, iyo inozoongorora nekudzosera kiyi yekunyorera.
Sezvo kuwanikwa kwemuviri kuchingodiwa kamwe chete, anorwisa anogona kuunganidza yakaringana cryptographic dhata pane redhiyo traffic.
"Kana iyo data yaunganidzwa, mabhatani ekudzivirira anogona kubayiwa jekiseni," akadaro Mengs.
CVE-2019-13054
Este inoshandiswa seyekushomeka kukanganisa chiratidzo muLogitech R500 uye Logitech SPOTLIGHT vanoratidzira vanosarudzanepo iyo CVE -2019-13055 ichishandiswa kune mamwe ese maLogitech zvishandiso zvinoshandisa Unifying kiyi.
Chikonzero icho Logitech's mharidzo yekusarudzika yakarongedzwa muzvikamu zvakasiyana ndeyekuti anorwisa anogona zvakare kupfuura "matema kiyi runyorwa" uye jekiseni makiyi musanganiswa pakati peA neZ, iyo, nehunyanzvi, haifanire kunge Inoenderana nemidziyo yekuratidzira.
Pamusoro pekukuvara kwayakawana mumwedzi mishoma yapfuura, Mengs akayambirawo kuti akawanda maLogitech Unifying dongles achiri kutambura kune yekare MouseJack kusagadzikana kwakaratidzwa muna 2016.
Kubva pamatambudziko CVE-2019-13054 kusvika kuCVE-2019-13055 nehunyanzvi izvi zvine njodzi imwechete. Sezvo izvo zvinokanganisa zvinoda kuwanikwa kwemuviri neanorwisa kuKubatanidza Kiyi yeLogitech chishandiso kuitira kuti ishandiswe zvinobudirira.
Sekureva kwaMengs, makiyi anouya nemirairo isina magwaro uye isina kukodzera dziviriro yedata iyo inobvumidza anorwisa kurasa makiyi ekuvharira akachengetwa pane vanogamuchira.
Kurwiswa kuzere kunotora sekondi kuti iite uye kana iyo yekubira iine makiyi ekuvharira, vanogona kuona mushandisi mabhatani kana kujekesa avo vega kuti vaite mashandiro akaipa uye kutora makomputa.
Logitech akaudza Mengs kuti gadziriso yenyaya iyi yakarongwa muna Nyamavhuvhu 2019.
Iva wekutanga kutaura