MouseJack Affected Devices
The following devices have been tested and are vulnerable to a MouseJack keystroke injection attack (specifically vulnerabilities that pertain to Bastille Threat Research Team Tracking Number #1-7, 9 & 12). To help determine whether you have an affected device connected to your system, please compare the following screenshots against your computer. Hardware information screens are provided for Windows, OS X and Linux for each USB dongle:
|Vendor||Affected Devices||Advisory||Vendor Response||USB ID Screenshots|
|AmazonBasics||Wireless Mouse MG-0975
USB dongle RG-0976 (USB ID 04f2:0976))
|#7 HID Packet Injection|
|Dell||Dell KM714 Wireless Keyboard and Mouse Combo
KM714 USB dongle (USB ID 046d:c52b)
KM632 Wireless Mouse
USB dongle (USB ID 413c:2501)
|#1 Force Pairing
#2 Keystroke Injection
#3 Fake Mouse
#7 HID Packet Injection
#11 Unencrypted Keystroke Injection Fix Bypass
K7600 wireless keyboard
USB dongle (USB ID 04b4:0060)
Wireless Elite v2 keyboard
Elite USB dongle (USB ID 03f0:d407)
500 Wireless Mouse (MS-436)
500 USB Dongle (USB ID 17ef:6071)
Unifying dongle (USB ID 046d:c52b)
Tested firmware versions:
(With above update, #1, #2 & #3 are solved.)
Logitech Unifying Dongles C-U0007 (FW ver 012.005.00028) &
Logitech G900 dongle C-U0008 (USB ID 046d:c539)
Please note: these products also affected by KeyJack.
(With above update, #11 & #12 are solved.)
Sculpt Ergonomic mouse
Wireless Mobile Mouse 4000
Microsoft Wireless Mouse 5000
2.4GHz Transceiver v7.0 (USB ID 045e:0745)
USB dongle model 1496 (USB ID 045e:07b2)
USB dongle model 1461 (USB ID 045e:07a5)
Note: Mice part of a combo set are still vulnerable.
Also covered in our advisories is a Denial-Of-Service vulnerability (Bastille Threat Research Team Tracking Number #8), which affects the following hardware:
(with Tracking #)
N700 USB dongle (USB ID 17ef:6060)
Ultraslim USB dongle (USB ID 17ef:6032)
Ultraslim Plus Keyboard
Ultraslim Plus Mouse
Ultraslim Plus USB dongle (USB ID 17ef:6022)
Although the Bastille Threat Research Team endeavored to test a wide variety of models of wireless keyboard and mice from multiple vendors, it is not possible to acquire and test every model available on the market. There may be other models and vendors that are affected by this class of vulnerability, so the list should not be considered definitive.
The plain-text advisories can be found above, and at CERT/CC VU#981271
- Immediately disconnect all affected USB dongles, and use wired keyboards and mice instead.
- If you are using affected Logitech or 'Lenovo 500' devices, please update your firmware by referring to the appropriate instructions (see appropriate Vendor Response links above).
Dongles from other vendors were not found to support upgrading of firmware, so it does not appear possible to patch them. Therefore it is recommended that users contact their preferred vendor and inquire into which models are not vulnerable for future purchases.
The Bastille Threat Research Team is releasing free, open source tools to enable interested parties to discover wireless mice and keyboards that may be vulnerable to MouseJack.
Please refer to: https://github.com/BastilleResearch/mousejack