CVE-2017-8360

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. In mictray64.exe (mic tray icon) 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: debug messages accessible to any process that is running in the current user session, and filesystem access to C:\Users\Public\MicTray.log by any process.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:conexant:mictray64:*:*:*:*:*:*:*:*
OR cpe:2.3:h:hp:elitebook_folio_1040_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:zbook_17_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_655_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_450_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_840_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_848_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:zbook_15u_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elite_x2_1012_g1:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_650_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_645_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_820_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_755_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_850_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_470_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_745_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_430_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_446_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_folio_g1:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_640_g2:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_828_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:zbook_15_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_455_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_1030_g1:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:zbook_studio_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:elitebook_725_g3:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:probook_440_g3:-:*:*:*:*:*:*:*
OR cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*

Information

Published : 2017-05-12 00:29

Updated : 2017-07-07 18:29


NVD link : CVE-2017-8360

Mitre link : CVE-2017-8360


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

hp

  • elitebook_820_g3
  • elitebook_1030_g1
  • elitebook_755_g3
  • probook_450_g3
  • elitebook_725_g3
  • probook_645_g2
  • elitebook_850_g3
  • probook_430_g3
  • probook_440_g3
  • zbook_15u_g3
  • probook_455_g3
  • elitebook_848_g3
  • zbook_studio_g3
  • elitebook_828_g3
  • probook_650_g2
  • probook_655_g2
  • elitebook_folio_g1
  • probook_470_g3
  • elitebook_745_g3
  • elitebook_840_g3
  • elite_x2_1012_g1
  • probook_640_g2
  • zbook_15_g3
  • probook_446_g3
  • elitebook_folio_1040_g3
  • zbook_17_g3

microsoft

  • windows_7
  • windows_10

conexant

  • mictray64