CVE-2017-8360

MEDIUM

Conexant Mictray64 < 1.0.0.46 - Information Disclosure

Title source: rule

Description

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. In mictray64.exe (mic tray icon) 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: debug messages accessible to any process that is running in the current user session, and filesystem access to C:\Users\Public\MicTray.log by any process.

References (3)

Scores

CVSS v3 5.5
EPSS 0.0020
EPSS Percentile 42.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (2)
conexant/mictray64 < 1.0.0.46
n/a/n/a
Published May 12, 2017
Tracked Since Feb 18, 2026