I think mice could easily be used to infect hardware because my Razer mouse tries to install some crapware occasionally.
I think I have only seen it in Windows but I don't know if that means linux cannot arbitrarily execute files hosted on a mouse, or if Razer skips the install because it has no compatible crapware.
Actually, this 'auto-install Razer bloatware' behaviour is a feature of Windows itself.
The mouse merely presents itself as being from a certain manufacturer, and Windows asks the user if it should fetch the drivers (and any other bundled crapware Razer wants to load on there).
I have had peripherals present on initial plugin as a USB flash drive with autorun.inf, autorun.exe. Then, after the drivers install (or you unplug and re-plug), it presents itself as a HID or other device you were xpecting again.
This is extremely prevalent with a lot of smaller things, particularly noname Chinese brands. I have ordered and received things like wifi USB adapters and BT4 adapters that came preloaded with autorun malware (I don't enable autorun). Presumably because the master at the factory was already infected or something, if it isn't intentional.
Razer's might just be WU getting "official drivers", but this is 100% not part of WU, extremely common, and often available on Amazon through thousands of brand names (fake) originating from the same factory.
I think I have only seen it in Windows but I don't know if that means linux cannot arbitrarily execute files hosted on a mouse, or if Razer skips the install because it has no compatible crapware.