Skip to main content

CVE-2022-35860: n/a in n/a

Medium
VulnerabilityCVE-2022-35860cvecve-2022-35860
Published: Wed Oct 19 2022 (10/19/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions.

AI-Powered Analysis

AILast updated: 07/05/2025, 02:39:55 UTC

Technical Analysis

CVE-2022-35860 is a vulnerability affecting the Corsair K63 Wireless keyboard, specifically version 3.1.3. The core issue is the absence of AES encryption on the 2.4 GHz radio transmissions between the keyboard and its receiver. This lack of encryption allows an attacker who is physically near the victim to intercept (sniff) and inject keystrokes over the wireless communication channel. The vulnerability is classified under CWE-311, which relates to the failure to encrypt sensitive data. Without encryption, the wireless signals carrying keystroke data are transmitted in cleartext or with insufficient protection, making it feasible for an attacker with specialized radio equipment to capture sensitive information such as passwords, confidential messages, or other typed data. Additionally, the attacker can inject malicious keystrokes, potentially leading to unauthorized commands or actions on the victim's system. The CVSS 3.1 base score is 6.8 (medium severity), with the vector indicating that the attack requires adjacent network access (physically proximate), high attack complexity, no privileges required, no user interaction, unchanged scope, and high impact on confidentiality and integrity but no impact on availability. No patches or fixes are currently linked, and no known exploits are reported in the wild. This vulnerability highlights the risks of wireless input devices that do not implement strong encryption, especially in environments where physical proximity to the target device is possible.

Potential Impact

For European organizations, this vulnerability poses a significant risk to data confidentiality and integrity, particularly in environments where sensitive information is typed on vulnerable Corsair K63 Wireless keyboards. Sectors such as finance, government, healthcare, and critical infrastructure could be targeted to capture credentials, intellectual property, or confidential communications. The physical proximity requirement limits remote exploitation but does not eliminate risk in shared office spaces, public areas, or during travel. The ability to inject keystrokes also raises concerns about unauthorized command execution, potentially leading to further compromise or data manipulation. Given the widespread use of wireless peripherals in modern workplaces, this vulnerability could facilitate espionage or insider threat activities if exploited. The absence of encryption undermines trust in wireless input devices and may necessitate additional security controls to protect sensitive environments.

Mitigation Recommendations

Organizations should immediately assess the deployment of Corsair K63 Wireless keyboards, especially version 3.1.3, and consider replacing them with models that implement strong encryption on wireless communications. Until a vendor patch is available, physical security controls should be enhanced to restrict attacker proximity, such as securing workspaces and limiting access to areas where vulnerable devices are used. Network segmentation and monitoring for unusual input device behavior can help detect potential injection attempts. Employing endpoint security solutions that can detect anomalous keystroke patterns or unauthorized input device activity may provide additional protection. Users should be trained to recognize suspicious behavior and report anomalies. Where possible, switching to wired keyboards or wireless devices with proven encryption standards is recommended. Finally, organizations should monitor vendor communications for updates or patches addressing this vulnerability and apply them promptly once available.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2022-07-13T00:00:00.000Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682d9817c4522896dcbd79f6

Added to database: 5/21/2025, 9:08:39 AM

Last enriched: 7/5/2025, 2:39:55 AM

Last updated: 7/30/2025, 1:19:09 AM

Views: 12

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats