The vulnerable system is bound to the network stack and the set of possible attackers extends beyond the other options listed below, up to and including the entire Internet. Such a vulnerability is often termed “remotely exploitable” and can be thought of as an attack being exploitable at the protocol level one or more network hops away (e.g., across one or more routers). An example of a network attack is an attacker causing a denial of service by sending a specially crafted TCP packet across a wide area network (e.g., CVE-2004-0230).
Attack Complexity
Low
AC
The attacker must take no measurable action to exploit the vulnerability. The attack requires no target-specific circumvention to exploit the vulnerability. An attacker can expect repeatable success against the vulnerable system.
Privileges Required
None
PR
The attacker is unauthenticated prior to attack, and therefore does not require any access to settings or files of the vulnerable system to carry out an attack.
User Interaction
None
UI
The vulnerable system can be exploited without interaction from any human user, other than the attacker. Examples include: a remote attacker is able to send packets to a target system a locally authenticated attacker executes code to elevate privileges
Scope
Unchanged
S
An exploited vulnerability can only affect resources managed by the same security authority. In the case of a vulnerability in a virtualized environment, an exploited vulnerability in one guest instance would not affect neighboring guest instances.
Confidentiality
Low
C
There is some impact on confidentiality, but the attacker either does not gain control of any data, or the information obtained does not have a significant impact on the system or its operations.
Integrity
None
I
There is no impact on the integrity of the system; the attacker does not gain the ability to modify any files or information on the target system.
Availability
None
A
There is no impact on the availability of the system; the attacker does not have the ability to disrupt access to or use of the system.
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Insufficient ProtectionsAdvisory ID: SYSS-2016-032
Product: CHERRY B.UNLIMITED AES
Manufacturer: Cherry GmbH
Affected Version(s): JD-0400EU-2/01
Tested Version(s): JD-0400EU-2/01
Vulnerability Type: Insufficient Protection of Code (Firmware) and
Data (Cryptographic Key)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-04-22
Solution Date: -
Public Disclosure: 2016-07-29
CVE Reference: Not yet assigned
Authors of Advisory: Gerhard Klostermeier and Matthias Deeg (SySS GmbH)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Overview:
CHERRY B.UNLIMITED AES is a wireless desktop set consisting of a
mouse and a keyboard.
The manufacturer describes the product as follows (see [1]):
"CHERRY B. UNLIMITED AES combines secure data transmission and an
advanced energy supply in a design which has been thought through to the
very last detail. For high professional requirements and security both
at home and in the workplace."
Some of the key benefits of CHERRY B.UNLIMITED AES are (see [2]):
* Data transmission using 128-bit encryption, complying to Advanced
Encryption Standard (AES)
* USB cable charging function for both keyboard & mouse - even when in use
* High-quality, pre-charged NiMH batteries from GP with a very low self-discharge
* Almost interference-free wireless 2.4 GHz technology (range of up to 10 metres)
* 3-button mouse: infrared sensor and adjustable resolution (1,000/2,000 dpi) with ergonomic side panels
* Multi-station capability operation of several wireless products in one room
* Easy to install, requiring no technical knowledge
* Mini USB receiver
* Keyboard awarded the "Blauer Engel" environmental seal
Due to the insufficient protection of the flash memory of the keyboard
and of the USB dongle, an attacker with physical access has read and
write access to the firmware and the used cryptographic key.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnerability Details:
The SySS GmbH found out that the embedded flash memory of the wireless
keyboard CHERRY B.UNLIMITED AES and of the corresponding USB dongle can
be read and written via the SPI interface of the used transceivers with
an embedded microcontroller nRF24LE1 (keyboard) and nRF24LU1+ (USB
dongle) as the flash memory is not protected by the offered read back
protection feature (RDISMB - Read DISable Main Block).
Thus, an attacker with physical access to the keyboard or the USB dongle
can simply read and write the SPI-addressable code and data flash
memory.
By writing a custom-made firmware to the code flash memory, an attacker
can also gain access to all contents of the extended endurance flash
memory of the CHERRY B.UNLIMITED AES keyboard that is not directly
accessible via the SPI interface and where the AES cryptographic key
is stored.
Concerning the USB dongle, all data flash memory is accessible via
the SPI interface. Thus, no custom-made firmware is required to extract
the AES cryptographic key from the USB dongle.
By having read and write access to the code and data flash memory, an
attacker can either extract the cryptographic key, for instance to
perform further attacks against the wireless communication, or modify
the firmware or the cryptographic key.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Proof of Concept (PoC):
The SySS GmbH could successfully read the contents of the code and data
flash memory of the CHERRY B.UNLIMITED AES keyboard and of the USB
dongle using the hardware tool Bus Pirate [3] in combination with the
software tool nrfprog [4].
For accessing the AES cryptographic key stored in the extended endurance
flash memory, the SySS GmbH developed a small firmware for copying
the contents of this memory area to the SPI-addressable flash memory
from were it could simply be dumped via the SPI interface.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Solution:
According to information from the manufacturer Cherry GmbH, the reported
security issue will currently not be fixed in affected products.
The written statement in German from Cherry GmbH regarding this and other
reported security issues is:
"Nach Prufung der von Ihnen festgestellten 'Sicherheitsschwachstellen'
haben wir uns dazu entschlossen, die AES Verschlusselung bis auf weiters
nicht weiter mit den Produkt zu promoten. Derzeit arbeiten wir an einem
Nachfolgeprodukt. Wie bisher, empfehlen wir Kunden mit hohen
Sicherheitsanfordungen ein kabelgebundenes Produkt zu verwenden.
Je nach Anforderung, auch mit CC-Zertifizierung."
The English translation of this statement is:
"We have examined the 'security flaws' you reported to us. As a result,
we decided, until further notice, to no longer refer to AES encryption
in order to promote the affected product. At the moment, we are
currently working on a successor product. As we already did in the past,
we recommend to our customers having particularly high security demands
using wired products which, depending on the requirements, should be
CC certified."
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Disclosure Timeline:
2016-04-22: Vulnerability reported to manufacturer
2016-05-24: Response from manufacturer with information about
the reported security issue and rescheduling of the
publication date in agreement with the manufacturer
2016-07-04: Received written statement from manufacturer concerning the
reported security issue
2016-07-29: Public release of the security advisory
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
References:
[1] Data sheet for CHERRY B.UNLIMITED AES
http://cherry.de/PDF/EN_CHERRY_B_UNLIMITED_AES.pdf
[2] Product website for CHERRY B.UNLIMITED AES
http://cherry.de/cid/wireless_keyboards_CHERRY_B_UNLIMITED_AES.htm?rdeLocaleAttr=en&WT.mc_id=
[3] Website of Bus Pirate hardware tool
http://dangerousprototypes.com/docs/Bus_Pirate
[4] nrfprog Github repository
https://github.com/nekromant/nrfprog
[5] SySS Security Advisory SYSS-2016-032
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-032.txt
[6] SySS Responsible Disclosure Policy
https://www.syss.de/en/responsible-disclosure-policy/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Credits:
This security vulnerability was found by Gerhard Klostermeier and
Matthias Deeg of the SySS GmbH.
E-Mail: gerhard.klostermeier (at) syss.de
Public Key: https://www.syss.de/fileadmin/dokumente/PGPKeys/Gerhard_Klostermeier.asc
Key fingerprint = 8A9E 75CC D510 4FF6 8DB5 CC30 3802 3AAB 573E B2E7
E-Mail: matthias.deeg (at) syss.de
Public Key: https://www.syss.de/fileadmin/dokumente/Materialien/PGPKeys/Matthias_Deeg.asc
Key fingerprint = D1F0 A035 F06C E675 CDB9 0514 D9A4 BF6A 34AD 4DAB
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Disclaimer:
The information provided in this security advisory is provided "as is"
and without warranty of any kind. Details of this security advisory may
be updated in order to provide as accurate information as possible. The
latest version of this security advisory is available on the SySS Web
site.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Copyright:
Creative Commons - Attribution (by) - Version 3.0
URL: http://creativecommons.org/licenses/by/3.0/deed.en
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum