PT-2017-18287 · Conexant Systems+1 · Mictray64+1
Thorsten Schroeder · Published 2017-05-12 · Updated 2017-07-08 · CVE-2017-8360
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Conexant Systems mictray64 version 1.0.0.46
Description
The issue concerns the Conexant Systems mictray64 task, which is used on various HP systems, including Elite, EliteBook, ProBook, and ZBook. It leaks sensitive data, specifically keystrokes, to any process. This leakage occurs through two unintended channels: debug messages that can be accessed by any process running in the current user session, and filesystem access to the C:\Users\Public\MicTray.log file, which can be accessed by any process.
Recommendations
For Conexant Systems mictray64 version 1.0.0.46, consider restricting access to the MicTray.log file to minimize the risk of sensitive data leakage. Additionally, as a temporary workaround, disabling the LowLevelKeyboardProc Windows hook in mictray64.exe could help prevent keystroke capture until a more permanent solution is available.
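The following PowerShell audit is an added example, not part of the original advisory or vendor guidance: it checks a host for the running mictray64 task and for broad read access to the log file, and can optionally tighten the file's ACL. The `-Restrict` switch, the list of "broad" SIDs and the choice of SYSTEM and Administrators as the only remaining principals are assumptions.

```powershell
# Added example: audit one host for the CVE-2017-8360 exposure.
# Log path, process name and version are from the advisory; the rest is assumed.
param([switch]$Restrict)   # hypothetical switch: also tighten the log file's ACL

$LogPath    = 'C:\Users\Public\MicTray.log'
$BadVersion = '1.0.0.46'
# Well-known SIDs: Everyone, Authenticated Users, INTERACTIVE, BUILTIN\Users
$BroadSids  = 'S-1-1-0', 'S-1-5-11', 'S-1-5-4', 'S-1-5-32-545'
$SidType    = [System.Security.Principal.SecurityIdentifier]

# 1. Is the task running, and is it the affected build?
foreach ($p in Get-Process -Name 'mictray64' -ErrorAction SilentlyContinue) {
    $ver = 'unknown'
    if ($p.Path) {
        # Build the version from numeric parts; the FileVersion string format varies.
        $vi  = (Get-Item -LiteralPath $p.Path).VersionInfo
        $ver = '{0}.{1}.{2}.{3}' -f $vi.FileMajorPart, $vi.FileMinorPart,
                                    $vi.FileBuildPart, $vi.FilePrivatePart
    }
    Write-Output "process: pid=$($p.Id) version=$ver affected=$($ver -eq $BadVersion)"
}

# 2. Does the log exist, and which broad principals are allowed to open it?
if (Test-Path -LiteralPath $LogPath) {
    $file  = Get-Item -LiteralPath $LogPath
    $acl   = Get-Acl -LiteralPath $LogPath
    $broad = @($acl.GetAccessRules($true, $true, $SidType) | Where-Object {
        $_.AccessControlType -eq 'Allow' -and $BroadSids -contains $_.IdentityReference.Value })
    Write-Output "logfile: bytes=$($file.Length) lastwrite=$($file.LastWriteTime.ToString('s'))"
    foreach ($r in $broad) {
        Write-Output "logfile: allow $($r.IdentityReference.Value) $($r.FileSystemRights)"
    }

    if ($Restrict) {
        # 3. Replace the DACL: drop inheritance, keep only SYSTEM and Administrators.
        $acl.SetAccessRuleProtection($true, $false)
        foreach ($r in @($acl.GetAccessRules($true, $false, $SidType))) {
            $acl.RemoveAccessRuleSpecific($r)
        }
        foreach ($sid in 'S-1-5-18', 'S-1-5-32-544') {
            $id = New-Object System.Security.Principal.SecurityIdentifier($sid)
            $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(
                $id, 'FullControl', 'Allow')))
        }
        Set-Acl -LiteralPath $LogPath -AclObject $acl
        Write-Output 'logfile: ACL restricted to SYSTEM and Administrators'
    }
} else {
    Write-Output 'logfile: not present'
}
```

An existing log may already hold captured keystrokes, so the reported size and last-write time are worth reviewing alongside the ACL result.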
Exploit
Fix
Information Disclosure
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Mictray64