Open main menu
Logitech Unifying receiver (Older)
Logitech Unifying receiver (Newer)

The Logitech Unifying receiver is an extremely small dedicated USB wireless receiver, based on the nRF24L-family of RF devices[1], that allows up to six compatible Logitech human interface devices (such as mice, trackballs, trackpads, and keyboards; headphones are not compatible) to be linked to the same computer using 2.4 GHz band radio communication. Receivers that are bundled with a Logitech product are paired with the device at the factory. When purchasing a replacement receiver or connecting multiple devices to one receiver, pairing requires the freely available Logitech Unifying software. Devices pair to Unifying Receivers similar to Bluetooth pairing[2] although the underlying protocols are incompatible. Logitech receivers compatible with the Unifying protocol can be identified by the orange Unifying logo which also distinguishes them from Logitech Nano receivers. Nano receivers pair in a similar manner, but don't use the Unifying protocol, and only pair with single devices.

Each device can pair to one receiver per profile. While most devices only have one profile, newer products such as the Logitech MX Master, MX Anywhere series, and M720 Triathalon, allow multiple profiles. These devices can be connected to multiple receivers simultaneously. This allows the use of different receivers in several computers (e.g., with a desktop and a laptop computer) by simply changing profiles on the mouse. This multi computer function is further augmented by Logitech Flow (software KVM solution) which is similar to Synergy. For other devices, the receiver and input devices can be moved together from one computer to another maintaining their paired status after being unplugged[2].

Some (older) Unifying devices limit the number of allowable pairing changes to a maximum of 45 times. Once the 45th connection is made, it is no longer possible to connect such a device to a further, different receiver. For users who often switch a Unifying device between multiple PCs or laptops with individual receivers, this connection limit can become an issue. For example, a user who frequently switches a mouse between two receivers (e.g. at work and home) will quickly exhaust the limit of available pairing switches.[3] Newer devices can switch pairings an unlimited number of times.

Pairing software is available for Microsoft Windows and Mac OS X from Logitech. Wireless devices using the Unifying Receiver are supported since Linux 3.2. [4] Software to manage Unifying devices on Linux is available from third party developers, like Solaar.[5]

In addition, many companies have made USB wireless receivers very similar to Logitech's, though it is unknown if Logitech has taken legal action against these companies or even if Logitech holds a patent for the technology. Logitech devices are incompatible with many of these "off brand" receivers, though some are expressly designed as inexpensive alternatives to the Logitech Unifying receiver that can be paired with Logitech devices.

Logitech Unifying receivers (LURs) are often included in wireless Logitech keyboard, mouse, and combo sets, though they may be purchased alone.

Contents

SecurityEdit

Mousejacking / KeyjackingEdit

Mousejacking, first reported by Bastille Networks, Inc., is the sending of malicious radio signals (packets) wirelessly to an unsuspecting user through Logitech Unifying wireless technology. The exploit takes advantage of a users vulnerable Logitech Unifying receiver and unencrypted signals within a range of about 100 meters. Possible exploits include:

  • Keystroke Injection by either spoofing a paired mouse or keyboard
  • Forced Pairing

Affected Devices And FirmwareEdit

Devices
Device USB ID
Unifying receiver 046d:c52b
Unifying receiver 046d:c539
Logitech Wireless Gaming Mouse G900 046d:c081
Logitech Wireless Keyboard K360 046d:4004
Logitech Multi-Device Wireless Keyboard K370s 046d:4061
Logitech Multi-Device Wireless Keyboard K375s 046d:4061
Logitech Wireless Touch Keyboard K400r 046d:400e, 046d:4024
Logitech Wireless Touch Keyboard K400 Plus 046d:404d
Logitech Wireless Solar Keyboard K750 046d:4002
Logitech Multi-Device Wireless Keyboard K780 046d:405b
Logitech Illuminated Living-Room Keyboard K830 046d:404c, 046d:4032
Logitech Performance Wireless Keyboard MK850 046d:4062
Logitech Wireless Mouse M335
Logitech Zone Touch Mouse T400 046d:4026
Logitech Wireless Mouse M545
Logitech Wireless Mouse M560
Logitech Touch Mouse M600 046d:401a
Logitech Touch Mouse T620 046d:4027
Logitech Wireless Rechargeable Touchpad T650 046d:4101
RQR12 Firmware
Firmware Version Vulnerabilities
012.001.00019 Affected by Bastille security issues #1, #2, #3[6][7]
012.003.00025 Affected by Bastille security issues #1, #2, #3[6][7]
<012.005.00028 Affected by Bastille security issues #1, #2, #3, #11, #13[6][7]
012.005.00028 Affected by Bastille security issues #11, #13[6][7]
012.007.00029 Affected by Bastille security issue #13[7]
RQR24 Firmware
Firmware Version Vulnerabilities
<024.003.00027 Affected by Bastille security issue #2, #3, #11, #13[6][8]
024.003.00027 Affected by Bastille security issue #11, #13[6][8]
024.005.00029 Affected by Bastille security issue #13[8]

Firmware Not AffectedEdit

RQR12 Firmware
Firmware Version Notes
012.008.00030[7]
012.009.00030 Identical to 012.008.00030 but DFU signed[9]
RQR24 Firmware
Firmware Version Notes
024.006.00030[8]
024.007.00030 Identical to 024.006.00030 but DFU signed[10]

ResponseEdit

Logitech has responded with a few Unifying receiver firmware updates as new exploits have been reported. The latest firmware updates for Windows PCs and Macs can be found here.

For Linux users there are native options to flash and experiment with such as fwupd and MouseJack device discovery and research tools. However, with these tools a separate firmware binary is still required. The required .cab files for use with fwupd can be found on the LVFS: Device List, or simply by downloading the updates via fwupdmgr. Flashing on a Linux host via a hypervisor such as VirtualBox along with a Windows virtual guest image and the Windows Logitech update executable is also possible. If using a Windows virtual guest it is recommended to have a second available pointing device while the dongle is being updated. The second pointing device may be needed to allow the user to select and enable pass through of the unifying receiver via the hypervisor task bar after executing the firmware updater so that the device is found and updated.

It should also be noted that updating the Unifying receiver firmware to versions RQR12.xx (xx >= 08) and RQR24.xx (xx >= 06) can limit some functionality of certain paired devices. These devices require their own firmware updates to restore full functionality with patched receivers.

See alsoEdit

ReferencesEdit

  1. ^ "MouseJack device discovery and research tools". Retrieved 17 April 2018.
  2. ^ a b Gallegos, Gary. "Gadgets: The Logitech Unifying Receiver (aka "fake bluetooth")". Archived from the original on 4 March 2016. Retrieved 23 February 2013.
  3. ^ "Limitations on Unifying devices - Logitech Support Article". Retrieved 17 March 2015.
  4. ^ "Linux Git commit: HID: Add full support for Logitech Unifying receivers". Retrieved 2 May 2013.
  5. ^ Solaar
  6. ^ a b c d e f https://www.bastille.net/research/vulnerabilities/mousejack/affected-devices
  7. ^ a b c d e f https://github.com/Logitech/fw_updates/blob/master/RQR12/RQR12.08/RQR12.08_B0030.txt
  8. ^ a b c d https://github.com/Logitech/fw_updates/blob/master/RQR24/RQR24.06/RQR24.06_B0030.txt
  9. ^ https://github.com/Logitech/fw_updates/blob/master/RQR12/RQR12.09/RQR12.09_B0030.txt
  10. ^ https://github.com/Logitech/fw_updates/blob/master/RQR24/RQR24.07/RQR24.07_B0030.txt

External linksEdit