Search criteria
2 vulnerabilities found for bcst-60_firmware by inateck
CVE-2019-12503 (GCVE-0-2019-12503)
Vulnerability from nvd – Published: 2019-12-02 16:57 – Updated: 2024-08-04 23:24
VLAI
Summary
Due to unencrypted and unauthenticated data communication, the wireless barcode scanner Inateck BCST-60 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim's computer that is operated with an affected receiver of this device.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.syss.de/fileadmin/dokumente/Publikati… | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2019/Nov/30 | mailing-listx_refsource_FULLDISC |
| http://packetstormsecurity.com/files/155503/Inate… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:38.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-027.txt"
},
{
"name": "20191129 [SYSS-2019-027]: Inateck BCST-60 Barcode Scanner - Keystroke Injection Vulnerability (CVE-2019-12503)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Nov/30"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155503/Inateck-BCST-60-Barcode-Scanner-Keystroke-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to unencrypted and unauthenticated data communication, the wireless barcode scanner Inateck BCST-60 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim\u0027s computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim\u0027s computer that is operated with an affected receiver of this device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-02T16:59:06.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-027.txt"
},
{
"name": "20191129 [SYSS-2019-027]: Inateck BCST-60 Barcode Scanner - Keystroke Injection Vulnerability (CVE-2019-12503)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Nov/30"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155503/Inateck-BCST-60-Barcode-Scanner-Keystroke-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to unencrypted and unauthenticated data communication, the wireless barcode scanner Inateck BCST-60 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim\u0027s computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim\u0027s computer that is operated with an affected receiver of this device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-027.txt",
"refsource": "MISC",
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-027.txt"
},
{
"name": "20191129 [SYSS-2019-027]: Inateck BCST-60 Barcode Scanner - Keystroke Injection Vulnerability (CVE-2019-12503)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Nov/30"
},
{
"name": "http://packetstormsecurity.com/files/155503/Inateck-BCST-60-Barcode-Scanner-Keystroke-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155503/Inateck-BCST-60-Barcode-Scanner-Keystroke-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12503",
"datePublished": "2019-12-02T16:57:30.000Z",
"dateReserved": "2019-05-31T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:24:38.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12503 (GCVE-0-2019-12503)
Vulnerability from cvelistv5 – Published: 2019-12-02 16:57 – Updated: 2024-08-04 23:24
VLAI
Summary
Due to unencrypted and unauthenticated data communication, the wireless barcode scanner Inateck BCST-60 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim's computer that is operated with an affected receiver of this device.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.syss.de/fileadmin/dokumente/Publikati… | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2019/Nov/30 | mailing-listx_refsource_FULLDISC |
| http://packetstormsecurity.com/files/155503/Inate… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:38.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-027.txt"
},
{
"name": "20191129 [SYSS-2019-027]: Inateck BCST-60 Barcode Scanner - Keystroke Injection Vulnerability (CVE-2019-12503)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Nov/30"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155503/Inateck-BCST-60-Barcode-Scanner-Keystroke-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to unencrypted and unauthenticated data communication, the wireless barcode scanner Inateck BCST-60 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim\u0027s computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim\u0027s computer that is operated with an affected receiver of this device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-02T16:59:06.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-027.txt"
},
{
"name": "20191129 [SYSS-2019-027]: Inateck BCST-60 Barcode Scanner - Keystroke Injection Vulnerability (CVE-2019-12503)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Nov/30"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155503/Inateck-BCST-60-Barcode-Scanner-Keystroke-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to unencrypted and unauthenticated data communication, the wireless barcode scanner Inateck BCST-60 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim\u0027s computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim\u0027s computer that is operated with an affected receiver of this device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-027.txt",
"refsource": "MISC",
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-027.txt"
},
{
"name": "20191129 [SYSS-2019-027]: Inateck BCST-60 Barcode Scanner - Keystroke Injection Vulnerability (CVE-2019-12503)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Nov/30"
},
{
"name": "http://packetstormsecurity.com/files/155503/Inateck-BCST-60-Barcode-Scanner-Keystroke-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155503/Inateck-BCST-60-Barcode-Scanner-Keystroke-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12503",
"datePublished": "2019-12-02T16:57:30.000Z",
"dateReserved": "2019-05-31T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:24:38.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}