Back in February, a Twitter user who has asked to remain anonymous sent me a tipoff. They had noticed some odd behavior by KensingtonWorks, a piece of software that allows its users to add power functionality to mice made by Kensington, a popular brand of peripherals. In their message they noted that KensingtonWorks was listening on a TCP network port, allowing other programs on the user’s computer to connect to it. There’s nothing necessarily wrong with this, but it was still a strange thing for KensingtonWorks to do. It shouldn’t need to receive any network connections in order to manage its users’ mice. My dad owns several Kensington devices, and if you mess with my dad then, well, I’d prefer if you didn’t.

The result of said shovelwork was a vulnerability that allows an attacker to remotely execute arbitrary code on a victim’s computer. I disclosed this flaw to Kensington on, when I said that I would wait for 90 days before publishing details of the vulnerability to give them time to fix it. They have not been in contact with me since, but they appear to have recently mitigated the most harmful effects of the vulnerability, preventing it from being used to execute arbitrary code. However, they haven’t patched the root cause, and an attacker can still use the same pattern to secretly mess with the user’s KensingtonWorks settings. Users should either upgrade to v2.1.17 or uninstall the product until the remaining, less severe flaw is fixed, depending on their risk tolerance.

In this post I’ll describe how the vulnerability works and how I found it. To exploit the bug, the attacker lures their victim to a malicious website.