6.8
CVE-2022-35860
- EPSS 0.05%
- Veröffentlicht 19.10.2022 02:15:08
- Zuletzt bearbeitet 09.05.2025 15:15:53
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMissing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Corsair ≫ K63 Firmware Version3.1.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.157 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 1.6 | 5.2 |
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.8 | 1.6 | 5.2 |
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-311 Missing Encryption of Sensitive Data
The product does not encrypt sensitive or critical information before storage or transmission.