CVE-2017-8360: Infoleak

First published: Fri May 12 2017(Updated: )

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. In mictray64.exe (mic tray icon) 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: debug messages accessible to any process that is running in the current user session, and filesystem access to C:\Users\Public\MicTray.log by any process.

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/weakness
• agent/severity
• agent/references
• agent/author
• agent/type
• agent/description
• agent/event
• agent/last-modified-date
• agent/softwarecombine
• agent/first-publish-date
• agent/tags
• collector/mitre-cve
• source/MITRE
• vendor/conexant
• canonical/conexant mictray64
• version/conexant mictray64/1.0.0.46
• vendor/hp
• canonical/hp elite x2 1012 g1
• canonical/hp elitebook 1030 g1
• canonical/hp elitebook 725 g3
• canonical/hp elitebook 745 g3
• canonical/hp elitebook 755 g3
• canonical/hp elitebook 820 g3
• canonical/hp elitebook 828 g3
• canonical/hp elitebook 840 g3
• canonical/hp elitebook 848 g3
• canonical/hp elitebook 850 g3
• canonical/hp elitebook folio 1040 g3
• canonical/hp elitebook folio g1
• canonical/hp probook 430 g3
• canonical/hp probook 440 g3
• canonical/hp probook 446 g3
• canonical/hp probook 450 g3
• canonical/hp probook 455 g3
• canonical/hp probook 470 g3
• canonical/hp probook 640 g2
• canonical/hp probook 645 g2
• canonical/hp probook 650 g2
• canonical/hp probook 655 g2
• canonical/hp zbook 15 g3
• canonical/hp zbook 15u g3
• canonical/hp zbook 17 g3
• canonical/hp zbook studio g3
• vendor/microsoft
• canonical/microsoft windows 10
• canonical/microsoft windows 7