Quote:A popular Fujitsu wireless keyboard is vulnerable to keystroke injection attacks that could allow an adversary to take control of a victim’s system.
 
Researchers with Germany-based SySS reported on Friday that the high-severity vulnerability allows an attacker to send wireless keystrokes from 150 feet away, to a computer system running a Fujitsu Wireless Keyboard Set LX901.
 
Researcher Matthias Deeg with SySS said that “exploiting the keystroke injection vulnerability also enables attacks against computer systems with an active screen lock. For example, to install malware when the target system is currently unused and unattended.”

Deeg told Threatpost that he reached out to Fujitsu but is currently “not aware of a solution to the described security issue.” Fujitsu did not respond to multiple requests for comment on the vulnerability from Threatpost. The vulnerability does not have a CVE number, but Deeg told Threatpost that he estimates it to have a CVSS score of 8.8, making it a high-severity flaw.