cvedb.io
CVE-2016-6257
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2016-08-02T14:59:04.490 · Last modified 2026-06-17T00:50:42.443

Summary

The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system by leveraging proximity to the dongle, aka a "KeyJack injection attack."

Affected products

amazonbasics — firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when amazonbasics ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.