VDB
CVE-2011-0640
CVE-2011-0640
PUBLISHED
CVSS 6.900000095367432 MEDIUM
The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.
EPSS 0.07% · 21.6th percentile
Risk Scores
CVSS 2.0
6.900000095367432
EPSS Score
0.07%
21.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| udev_project | udev | |
| n/a | n/a | n/a |
Timeline
- Jan 25, 2011 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score