VIR Vulnerability Intelligence Relay

CVE-2015-3320

low
Published 2015-04-16 · Modified 2026-05-06
CVSS v3
CVSS v2
2.1
VIR risk
2.1

Description

Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 includes active debugging code in SKHOOKS.DLL, which allows local users to obtain keypress information by accessing debug output.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard

Application impact
VendorProductVersionsFixed
lenovousb_enhanced_performance_keyboard{"endIncluding":"2.0.2.1"}

References

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.