virus logo FortiClient Vulnerability

Insecure Permissions Vulnerability for Corsair Link 4

description-logoDescription

The CLink4Service service is installed with Corsair Link 4.9.7.35 with insecure permissions by default. This allows unprivileged users to take control of the service and execute commands in the context of NT AUTHORITY SYSTEM, leading to total system takeover, a similar issue to CVE-2018-12441.

affected-products-logoAffected Applications

Corsair Link 4

CVE References

CVE-2018-19592

Other References

https://nvd.nist.gov/vuln/detail/CVE-2018-19592
ID 2434
Created Oct 21, 2021
Description
Updated		 Feb 16, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Corsair
Patch manual
Application Corsair Link 4