CVE-2022-35860 is a vulnerability affecting the Corsair K63 Wireless keyboard, specifically version 3.1.3. The core issue is the absence of AES encryption on the 2.4 GHz radio transmissions between the keyboard and its receiver. This lack of encryption allows an attacker who is physically near the victim to intercept (sniff) and inject keystrokes over the wireless communication channel. The vulnerability is classified under CWE-311, which relates to the failure to encrypt sensitive data. Without encryption, the wireless signals carrying keystroke data are transmitted in cleartext or with insufficient protection, making it feasible for an attacker with specialized radio equipment to capture sensitive information such as passwords, confidential messages, or other typed data. Additionally, the attacker can inject malicious keystrokes, potentially leading to unauthorized commands or actions on the victim's system. The CVSS 3.1 base score is 6.8 (medium severity), with the vector indicating that the attack requires adjacent network access (physically proximate), high attack complexity, no privileges required, no user interaction, unchanged scope, and high impact on confidentiality and integrity but no impact on availability. No patches or fixes are currently linked, and no known exploits are reported in the wild. This vulnerability highlights the risks of wireless input devices that do not implement strong encryption, especially in environments where physical proximity to the target device is possible.

For European organizations, this vulnerability poses a significant risk to data confidentiality and integrity, particularly in environments where sensitive information is typed on vulnerable Corsair K63 Wireless keyboards. Sectors such as finance, government, healthcare, and critical infrastructure could be targeted to capture credentials, intellectual property, or confidential communications. The physical proximity requirement limits remote exploitation but does not eliminate risk in shared office spaces, public areas, or during travel. The ability to inject keystrokes also raises concerns about unauthorized command execution, potentially leading to further compromise or data manipulation. Given the widespread use of wireless peripherals in modern workplaces, this vulnerability could facilitate espionage or insider threat activities if exploited. The absence of encryption undermines trust in wireless input devices and may necessitate additional security controls to protect sensitive environments.

Organizations should immediately assess the deployment of Corsair K63 Wireless keyboards, especially version 3.1.3, and consider replacing them with models that implement strong encryption on wireless communications. Until a vendor patch is available, physical security controls should be enhanced to restrict attacker proximity, such as securing workspaces and limiting access to areas where vulnerable devices are used. Network segmentation and monitoring for unusual input device behavior can help detect potential injection attempts. Employing endpoint security solutions that can detect anomalous keystroke patterns or unauthorized input device activity may provide additional protection. Users should be trained to recognize suspicious behavior and report anomalies. Where possible, switching to wired keyboards or wireless devices with proven encryption standards is recommended. Finally, organizations should monitor vendor communications for updates or patches addressing this vulnerability and apply them promptly once available.