FortiClient VulnerabilitySecurity Vulnerabilities fixed in CORSAIR iCUE 3.25.60
Description
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\\SYSTEM privileges, via a function call such as MmMapIoSpace.
Affected Applications
CORSAIR iCUE
CVE References
CVE-2020-8808Other References
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8808| ID | 2288 |
| Created | Jul 28, 2021 |
| Description Updated |
Nov 03, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Corsair |
| Patch | manual |
| Application | CORSAIR iCUE |