USB Speaker Can Infect PCs Without Physical Contact

Cybersecurity researchers have uncovered an unusual attack vector through peripheral devices. The issue involves the Sound Blaster Katana V2X acoustic system, which connects to computers via USB. Experts demonstrated that under certain conditions, the speaker can transmit malicious code to a PC without direct user intervention.

The problem lies in the implementation of the USB protocol and device drivers. Even when not actively in use, the speaker can interact with the system through service channels, creating opportunities for vulnerability exploitation. However, the manufacturer, Creative, does not regard this behavior as a critical vulnerability, citing the absence of real-world attack cases.

Specialists note that such risks are relevant not only for this model but also for other USB devices with advanced features. In corporate environments, these attacks could be used for targeted network infiltration, particularly if attackers have physical access to equipment. Experts recommend limiting the use of unverified peripheral devices and updating drivers to the latest versions.