CVE-2020-8808

Name of the Vulnerable Software and Affected Versions CORSAIR iCUE versions prior to 3.25.60

Description The issue allows local non-privileged users to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITYSYSTEM privileges, via a function call such as MmMapIoSpace. This is due to a flaw in the CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers. Researchers from Activecyber identified this issue, which could lead to privilege escalation.

Recommendations For versions prior to 3.25.60, update to version 3.25.60 or later to resolve the issue. As a temporary workaround, consider restricting access to the CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers until a patch is applied.