← back
CVE-2020-8808

CVE-2020-8808

EPSS 0.6%
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://forum.corsair.com/v3/showthread.php?t=193831https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-001.md