CVE-2022-35860
6.8MEDIUMMissing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions.
Published: 10/19/2022Updated: 5/9/2025
Description
Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions.
AI AnalysisPowered by AI
Affected Products
corsairk63_firmware
3.1.3
corsairk63
-
References
- http://kth.diva-portal.org/smash/get/diva2:1701492/FULLTEXT01.pdfExploitThird Party Advisory
- http://kth.diva-portal.org/smash/record.jsf?pid=diva2%3A1701492&dswid=-3616Third Party Advisory
- https://www.corsair.com/us/en/Categories/Products/Gaming-Keyboards/Wireless-Keyboards/K63-Wireless-Mechanical-Gaming-Keyboard-%E2%80%94-Blue-LED-%E2%80%94-CHERRY%C2%AE-MX-Red/p/CH-9145030-NAProductVendor Advisory
- http://kth.diva-portal.org/smash/get/diva2:1701492/FULLTEXT01.pdfExploitThird Party Advisory
- http://kth.diva-portal.org/smash/record.jsf?pid=diva2%3A1701492&dswid=-3616Third Party Advisory
- https://www.corsair.com/us/en/Categories/Products/Gaming-Keyboards/Wireless-Keyboards/K63-Wireless-Mechanical-Gaming-Keyboard-%E2%80%94-Blue-LED-%E2%80%94-CHERRY%C2%AE-MX-Red/p/CH-9145030-NAProductVendor Advisory