3

I have one KVM switch that has a VGA port to connect monitor. I want to know how to test that the KVM switch has no vulnerabilities by this port (using DDC)?

Anders
  • 64,406
  • 24
  • 178
  • 215
Juliet
  • 187
  • 1
  • 1
  • 6

2 Answers2

5

There are I2C lines in the VGA port, that are used to identify which display is connected (maximum resolutions, etc) and to control it if it supports DDC. Thus, bidirectional digital communication is possible.

On the computer side, there could be vulnerabilities in how it parses the EDID sent by the device connected to the VGA port. That could be used to execute malicious code.

On the display device/KVM side, it depends whether a smart device like the main CPU is connected to the I2C bus or if it's just a dumb one like an EEPROM (you can get away with connecting an off the shelf I2C EEPROM with the EDID data in it). In the former case, there is software that interprets the data sent by the computer over I2C - this software could have vulnerabilities and once you can achieve code execution on the KVM you are free to rewrite its firmware to persist. In the latter case, there is no smart device to compromise and you can write a malicious EDID that exploits bugs in connected computers and hope a vulnerable computer is connected.

André Borie
  • 12,706
  • 3
  • 39
  • 76
  • Hi. Thanks, how can we use this device?and how create malicious EDID and exploits bugs in connected computers? – Juliet Sep 03 '16 at 11:35
  • 1
    @Juliet Creating malicious EDID means you need to find an exploitable vulnerability in the EDID parser. No one is going to drop a 0day just to show how to do that. – forest Aug 14 '18 at 06:58
-1

I don't think it is even possible to use VGA to attack either the monitor or another PC. VGA can only send analog data, which is a one way transmission. As long as this is pure analog data, the monitor itself cannot be exploited either.

Other devices suchs as a mouse or USB stick connected to the KVM can be exploited to store malware and trigger it on a second machine.

If I have misinterpreted your question, please provide additional information.

Yorick de Wid
  • 3,346
  • 14
  • 22
  • Thanks for attention,I have kvm switch that support monitor sharing. I want to test data leakage in DDC. first I want to test VGA have vulnerability? And how to test is there data leakage in DDC? – Juliet Aug 29 '16 at 08:44
  • Well, DDC is the serial version for VGA. Therefore it is not really analog data. But then again, a serial connection is not much different from analog data for exploitation. – grochmal Aug 29 '16 at 17:22
  • HI. Thanks . mouse and keyboard in this KVM are PS2. How to can use PS2 port for malware and trigger it on a second machine ? – Juliet Sep 03 '16 at 11:23