Lucene search

K
cve[email protected]CVE-2022-35860
HistoryOct 19, 2022 - 2:15 a.m.

CVE-2022-35860

2022-10-1902:15:08
CWE-311
web.nvd.nist.gov
25
8
cve-2022-35860
corsair k63 wireless
aes encryption
security vulnerability
keystroke sniffing
2.4 ghz radio transmission

6.8 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions.

Affected configurations

NVD
Node
corsairk63_firmwareMatch3.1.3
AND
corsairk63Match-

Social References

More

6.8 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

Related for CVE-2022-35860