3.23.66

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

corsair

NVD

Published: 2020-02-07

Updated: 2021-07-21

Summary

The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.

Vulnerable Configurations

Part	Description	Count
Application	Corsair Corsair Icue 3.12.118 Corsair Icue 3.20.80 Corsair Icue 3.23.66	3

References

https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-001.md
https://forum.corsair.com/v3/showthread.php?t=193831