Kufunyenwe ubungozi obutsha kwi-Logitech i-USB

Darkcrizt

Imizuzu ye4

I-USB yeLogitech

Umphandi wezokhuseleko wafumanisa ukuba semngciphekweni okuthe gabalala kwizamkeli ze-USB esetyenziswe zibhodi yezitshixo ye-logitech, iimpuku, kunye neenketho zokubonisa.

Obu buthathaka bunokuvumela umntu okhohlakeleyo ukuba angalandeli nje amaqhosha akho, kodwa afake amaqhosha abo., Ukuvumela ukuba uthathe ithuba lekhompyuter eqhagamshelwe kwisamkeli se-USB. Ukuba ufihlo luyenziwa ukukhusela unxibelelwano phakathi kwemithombo yeendaba kunye nezixhobo zalo ezibhangqileyo, obu bungozi buvumela nabahlaseli ukuba bafumane isitshixo sokubethela.

Kwakhona, ukuba isitshixo se-USB sisebenzisa "isitshixo soluhlu oluvaliweyo" ukunqanda isixhobo esime ngxi ekungeneni ii-keystroke, ukuba sesichengeni kuvumela le nkqubo yokhuselo ukuba idlule.

Obu buthathaka obufunyenwe kwiLogitech USB eyamkelayo

Ngokwengxelo, Zonke izixhobo zokufaka ezingenazingcingo zeLogitech zisebenzisa Itekhnoloji yokuhlanganisa irediyo zichaphazelekile kobu buthathaka buchongwe yi-CVE-2019-13052, CVE-2019-13053, CVE-2019-13054 kunye neCVE-2019-13055.

UMarcus Mengs, umphandi ofumene obu buthathaka, yazisa uLogitech ngeziphumo zayo kwaye umthengisi uceba ukulungisa ezinye, kodwa ayizizo zonke, imiba exeliweyo.

I-CVE-2019-13052

Umngcipheko we-CVE-2019-13052 inokuvumela umqhekezi ukuba asuse ubuchule kunxibelelwano kunye nekhompyuter umkhosi ukuba ubhalisile umbutho phakathi kwesixhobo sokufaka kunye nekhompyuter yomamkeli.

"Ngesitshixo ebiweyo, umhlaseli unokongeza amaqhosha angabonakaliyo, kunye nokulandela umkhondo kunye nokucacisa ukufakwa kwebhodi yezitshixo ngexesha elifanelekileyo," utshilo uMengs.

Ngaphaya koko, kwimeko apho abenzi be-cyber balawulekileyo belahlekelwe ngumsebenzi ophambili wokubopha, umhlaseli onokufikelela ngokwamkelekileyo kumamkeli 'unokwenza ngesandla ukuqala kwakhona ukudibanisa isixhobo esele sidibene nesamkeli, ukuze:' ufumane isitshixo sokubethela ikhonkco ngokuqhawula kunye nokunxibelelana kwakhona nesitshixo '.

I-CVE-2019-13053

Ngokuka-Mengs, njengangaphambili, Obu bungozi buvumela umhlaseli ukuba ongeze amaqhosha kuqhosha lonxibelelwano olufihliweyo phakathi kwesitshixo se-USB kunye nesixhobo seLogitech.Nokuba ungazi isitshixo sokubethela.

Umphandi wathi umdlali wezoyikiso uya kufuna ukufikelela ngokwasemzimbeni kwisixhobo ukuze enze olu hlaselo.

Umxholo kukucinezela phakathi kwezitshixo ezili-12 ukuya kwezingama-20 kwaye irekhodisha ukugcwala okubhaliweyo, okuthe emva koko kwahlalutya kwaye kwafumana isitshixo sokubethela.

Kuba ukufikelela ngokwasemzimbeni kuyadingeka kube kanye, umhlaseli unokuqokelela idatha eyoneleyo yokubhala kwitrafikhi yerediyo.

"Nje ukuba idatha iqokelelwe, amaqhosha amaqhosha angalunganga anokufakwa," utshilo uMengs.

I-CVE-2019-13054

Este isetyenziswe njengesichongi sefuthe lobungozi kwiLogitech R500 nakwiLogitech SPOTLIGHT bonisa abakhethiweyoNgelixa i-CVE -2019-13055 isetyenziselwa zonke ezinye izixhobo zeLogitech ezisebenzisa isitshixo sokuDibanisa.

Isizathu sokuba abakhethi benkcazo yeLogitech bahlelwe ngokwamacandelo ahlukeneyo kukuba umhlaseli unokugqitha "kuluhlu lwamaqhosha amnyama" kunye nokufaka indibaniselwano yezitshixo phakathi kwe-A kunye ne-Z, yona, ngokobuchwephesha, ekufuneka ingahambelani nezixhobo ezikhethiweyo zokubonisa.

Ukongeza kubungozi obufunyenwe kwiinyanga ezimbalwa ezidlulileyo, U-Mengs uphinde walumkisa ukuba uninzi lwee-dongles ezidibanisa i-Logitech zisesichengeni sokungakhuseleki kudala kwi-MouseJack ebonakaliswe ngo-2016.

Ukusuka kubuthathaka i-CVE-2019-13054 ukuya kwi-CVE-2019-13055 ngobuchwephesha ezi zinobungozi obufanayo. Kuba iziphene zifuna ukufikelela ngokwasemzimbeni ngumhlaseli kwisiXokelelwano soBumbano kwisixhobo seLogitech ukuze sisetyenziswe ngempumelelo.

Ngokuka-Mengs, amaqhosha eza nemiyalelo engenamaphepha kunye nokukhuselwa kwedatha okungafanelekanga okuvumela umhlaseli ukuba alahle izitshixo zokubethela ezigcinwe kubo abafumanayo.

Uhlaselo olupheleleyo luthatha umzuzwana ukuphumeza kwaye nje ukuba isigebenga sibe nezitshixo zokubethela, banokubona amaqhosha omsebenzisi okanye bafake eyabo ukwenza imisebenzi enobungozi kunye nokulawula iikhompyuter.

U-Logitech wazise uMengs ukuba ukulungiswa kwalo mbandela kucwangciswe ngo-Agasti 2019.


Shiya uluvo lwakho

Idilesi yakho ye email aziyi kupapashwa. ezidingekayo ziphawulwe *

*

*

  1. Inoxanduva lwedatha: I-AB Internet Networks 2008 SL
  2. Injongo yedatha: Ulawulo lwe-SPAM, ulawulo lwezimvo.
  3. Umthetho: Imvume yakho
  4. Unxibelelwano lwedatha: Idatha ayizukuhanjiswa kubantu besithathu ngaphandle koxanduva lomthetho.
  5. Ukugcinwa kweenkcukacha
  6. Amalungelo: Ngalo naliphi na ixesha unganciphisa, uphinde uphinde ucime ulwazi lwakho.

  1.   BasconSel sitsho
    yenzayo 2 iminyaka

    Ngaba kukho nayiphi na inkqubo kwiLinux enokufakwa kwaye ithintele ukubanjwa kwezitshixo okanye ubuncinci ukufihla?

    Phendula kwiBasconSel