CVE-2019-18200

9.8 CRITICAL

📋 TL;DR

This vulnerability affects Fujitsu Wireless Keyboard Set LX390 GK381 devices due to lack of proper encryption in their 2.4 GHz wireless communication. Attackers within radio range can inject keystrokes to execute arbitrary commands on connected systems. Anyone using these specific wireless keyboards is affected.

💻 Affected Systems

Products:
  • Fujitsu Wireless Keyboard Set LX390 GK381
Versions: All versions
Operating Systems: Any OS that supports the keyboard
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is in the keyboard hardware/firmware, not dependent on operating system or software configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise via keystroke injection leading to malware installation, data theft, or complete system takeover on any connected computer.

🟠 Likely Case

Local privilege escalation, credential theft, or execution of malicious commands on the victim's system by nearby attackers.

🟢 If Mitigated

Limited impact if keyboards are used in physically secure environments with strict access controls and monitoring.

🌐 Internet-Facing: LOW - Exploitation requires physical proximity to the wireless keyboard's radio signal.
🏢 Internal Only: HIGH - Attackers within radio range (typically up to 100 meters) can exploit this without network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept tools exist for keystroke injection attacks against these devices.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: N/A

Vendor Advisory: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-011.txt

Restart Required: No

Instructions:

No firmware patch available. Replace affected keyboards with secure alternatives.

🔧 Temporary Workarounds

  • Use wired keyboard (all): Replace vulnerable wireless keyboard with USB wired keyboard
  • Use Bluetooth keyboard with encryption (all): Replace with Bluetooth keyboard that supports proper encryption

🧯 If You Can't Patch

  • Physically secure the area to prevent unauthorized radio access
  • Monitor for suspicious keyboard activity and implement strict access controls

🔍 How to Verify

Check if Vulnerable:

Check whether a Fujitsu Wireless Keyboard Set LX390 GK381 is in use. No software-based detection is available.

Check Version:

N/A - Hardware vulnerability, no version check applicable

Verify Fix Applied:

Verify that the keyboard has been replaced with a non-vulnerable alternative.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected keystrokes or commands executed without user input

Network Indicators:

  • N/A - This is a wireless peripheral attack, not network-based

SIEM Query:

N/A - Hardware-level attack not detectable via standard SIEM
