Vulnerabilities

CVE-2020-8808

by Fred · 07/02/2020

The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITYSYSTEM privileges, via a function call such as MmMapIoSpace.

Date published : 2020-02-07

https://forum.corsair.com/v3/showthread.php?t=193831

https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-001.md

Similar

Tags: Cybersecurity Alert