{
  "id": "CVE-2017-17556",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2017-12-15T19:29:00.217",
  "lastModified": "2018-01-05T15:50:42.617",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "A debug tool in Synaptics TouchPad drivers allows local users with administrative access to obtain sensitive information about keyboard scan codes by modifying registry keys."
    },
    {
      "lang": "es",
      "value": "Una herramienta de depuraci\u00f3n en controladores Synaptics TouchPad permite que usuarios locales con acceso de administrador obtengan informaci\u00f3n sensible sobre c\u00f3digos de escaneo de teclado mediante la modificaci\u00f3n de claves de registro."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 4.2
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.6
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 3.9,
        "impactScore": 4.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:hp:synaptics_touchpad_driver:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "066AC820-3B48-442F-9848-5F9EA503F0C1"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://support.hp.com/us-en/document/c05827409",
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://www.synaptics.com/company/blog/touchpad-security-brief",
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://zwclose.github.io/HP-keylogger/",
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ]
    }
  ]
}