PT-2022-22973 · Corsair · Corsair K63 Wireless
Published
2022-10-19
·
Updated
2025-05-09
·
CVE-2022-35860
CVSS v3.1
6.8
Medium
| Vector | AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Corsair K63 Wireless version 3.1.3
Description
The issue concerns a lack of AES encryption, allowing physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions.
Recommendations
For Corsair K63 Wireless version 3.1.3, consider disabling the wireless functionality until a patch or fix that enables AES encryption is available. Restrict access to sensitive information when using the affected device to minimize the risk of keystroke injection or sniffing.
Exploit
Fix
Missing Encryption of Sensitive Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Corsair K63 Wireless