CVE-2017-8360
Summary
| CVE | CVE-2017-8360 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-05-12 07:29:00 UTC |
| Updated | 2017-07-08 01:29:00 UTC |
| Description | Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. In mictray64.exe (mic tray icon) 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: debug messages accessible to any process that is running in the current user session, and filesystem access to C:\Users\Public\MicTray.log by any process. |
Risk And Classification
Problem Types: CWE-200
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Conexant | Mictray64 | All | All | All | All |
| Hardware | Hp | Elitebook 1030 G1 | - | All | All | All |
| Hardware | Hp | Elitebook 1030 G1 | - | All | All | All |
| Hardware | Hp | Elitebook 725 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 725 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 745 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 745 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 755 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 755 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 820 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 820 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 828 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 828 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 840 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 840 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 848 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 848 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 850 G3 | - | All | All | All |
| Hardware | Hp | Elitebook 850 G3 | - | All | All | All |
| Hardware | Hp | Elitebook Folio 1040 G3 | - | All | All | All |
| Hardware | Hp | Elitebook Folio 1040 G3 | - | All | All | All |
| Hardware | Hp | Elitebook Folio G1 | - | All | All | All |
| Hardware | Hp | Elitebook Folio G1 | - | All | All | All |
| Hardware | Hp | Elite X2 1012 G1 | - | All | All | All |
| Hardware | Hp | Elite X2 1012 G1 | - | All | All | All |
| Hardware | Hp | Probook 430 G3 | - | All | All | All |
| Hardware | Hp | Probook 430 G3 | - | All | All | All |
| Hardware | Hp | Probook 440 G3 | - | All | All | All |
| Hardware | Hp | Probook 440 G3 | - | All | All | All |
| Hardware | Hp | Probook 446 G3 | - | All | All | All |
| Hardware | Hp | Probook 446 G3 | - | All | All | All |
| Hardware | Hp | Probook 450 G3 | - | All | All | All |
| Hardware | Hp | Probook 450 G3 | - | All | All | All |
| Hardware | Hp | Probook 455 G3 | - | All | All | All |
| Hardware | Hp | Probook 455 G3 | - | All | All | All |
| Hardware | Hp | Probook 470 G3 | - | All | All | All |
| Hardware | Hp | Probook 470 G3 | - | All | All | All |
| Hardware | Hp | Probook 640 G2 | - | All | All | All |
| Hardware | Hp | Probook 640 G2 | - | All | All | All |
| Hardware | Hp | Probook 645 G2 | - | All | All | All |
| Hardware | Hp | Probook 645 G2 | - | All | All | All |
| Hardware | Hp | Probook 650 G2 | - | All | All | All |
| Hardware | Hp | Probook 650 G2 | - | All | All | All |
| Hardware | Hp | Probook 655 G2 | - | All | All | All |
| Hardware | Hp | Probook 655 G2 | - | All | All | All |
| Hardware | Hp | Zbook 15u G3 | - | All | All | All |
| Hardware | Hp | Zbook 15u G3 | - | All | All | All |
| Hardware | Hp | Zbook 15 G3 | - | All | All | All |
| Hardware | Hp | Zbook 15 G3 | - | All | All | All |
| Hardware | Hp | Zbook 17 G3 | - | All | All | All |
| Hardware | Hp | Zbook 17 G3 | - | All | All | All |
| Hardware | Hp | Zbook Studio G3 | - | All | All | All |
| Hardware | Hp | Zbook Studio G3 | - | All | All | All |
| Operating System | Microsoft | Windows 10 | All | All | All | All |
| Operating System | Microsoft | Windows 10 | All | All | All | All |
| Operating System | Microsoft | Windows 7 | All | All | All | All |
| Operating System | Microsoft | Windows 7 | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt | MISC | www.modzero.ch | Exploit, Mitigation, Technical Description, Third Party Advisory |
| [EN] Keylogger in Hewlett-Packard Audio Driver | mod%log | MISC | www.modzero.ch | Exploit, Technical Description, Third Party Advisory |
| HP Computer Conexant HD Audio Driver Debug Keylogger Code Lets Local Users Obtain Keyboard Keystrokes - SecurityTracker | SECTRACK | www.securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.