KeyJack Affected Devices
The following devices have been tested and are vulnerable to a KeyJack injection attack (specifically vulnerabilities that pertain to Bastille Threat Research Team Tracking Number #13). To help determine whether you have an affected device connected to your system, please compare the following device models and USB IDs to your own:
Vendor | Affected Devices | Advisory (with Tracking #) | Vendor Response |
---|---|---|---|
AmazonBasics | Wireless Keyboard USB Dongle (USB ID 04f2:1130) | | |
Dell | Dell KM714 Wireless Keyboard and Mouse Combo KM714 USB dongle (USB ID 046d:c52b) KM632 Wireless Mouse USB dongle (USB ID 413c:2501) | | |
Lenovo | Ultraslim Wireless Keyboard Ultraslim Dongle (USB ID 17ef:6032) | LEN-7267 | |
Logitech | K400r Logitech Unifying Dongles C-U0007 (FW ver 012.005.00028) & | Firmware Update |
Note: links were updated at time of discovery; vendors may have changed links without alerting us.
Although the Bastille Threat Research Team endeavored to test a variety of models of wireless keyboard from multiple vendors, it is not possible to acquire and test every model available on the market. There may be other models and vendors that are affected by this class of vulnerability, so the list should not be considered definitive.
The plain-text advisories can be found above.
Remediation
Immediately disconnect all affected USB dongles, and use wired keyboards and mice instead.
It is recommended that users contact their preferred vendor and inquire into which models are not vulnerable for future purchases.
Tools
The Bastille Threat Research Team is releasing free, open source tools to enable interested parties to discover wireless mice and keyboards that may be vulnerable to KeyJack.
Please refer to: https://github.com/BastilleResearch/keyjack
A Python-based sniffer is available, and will output raw frames to the console:
An Android application for sniffing has been developed and is now available: