Security News > 2020 > June > FabulaTech USB device vulnerability exposes devices to risk

FabulaTech USB device vulnerability exposes devices to risk
2020-06-18 14:56

A remote USB function in a software provider's code has been found to contain a significant vulnerability.

"USB for Remote Desktop," works by redirecting USB devices to remote sessions over Microsoft RDP, Teradici PCoIP, or Citrix ICA Protocols.

The crux of the issue is that the driver permits unprivileged users to add the virtual USB device.

A specific potential risk here could involve adding USB devices that can be used to directly manipulate applications on the host, such as keyboards or mice, which can enter information to harvest data or permit the execution or malicious code.

As a result, users of FabulaTech products are advised not to utilize USB for Remote Desktop, or at the very least not to do so on systems which contain or access confidential or security sensitive applications or data.


News URL

https://www.techrepublic.com/article/fabulatech-usb-device-vulnerability-exposes-devices-to-risk/#ftag=RSS56d97e7

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fabulatech 3 0 8 1 0 9