CVE-2019-12505

Name of the Vulnerable Software and Affected Versions Inateck WP1001 version 1.3C

Description The issue allows for keystroke injection attacks due to unencrypted and unauthenticated data communication. This enables an attacker to send arbitrary keystrokes to a victim's computer system, potentially installing malware on an unattended target system. As a result, an attacker can remotely take control of the victim's computer that is operated with an affected receiver of this device.

Recommendations For Inateck WP1001 version 1.3C, consider disabling the device until a patch or secure alternative is available to prevent keystroke injection attacks. Restrict access to sensitive systems and data when using the affected device to minimize the risk of exploitation.