← Back

Corsair

corsair

4 CVEs • 23 products

Products (23)

Click to collapse
Toggle
Corsair Utility Engine
corsair_utility_engine
1 CVE
Link
link
1 CVE
Icue
icue
1 CVE
K63 Firmware
k63_firmware
1 CVE
Axi
axi
0 CVEs
Commander Mini
commander_mini
0 CVEs
Commander Pro
commander_pro
0 CVEs
H100i
h100i
0 CVEs
H100i Gtx
h100i_gtx
0 CVEs
H100i V2
h100i_v2
0 CVEs
H110i
h110i
0 CVEs
H110i Gt
h110i_gt
0 CVEs
H110i Gtx
h110i_gtx
0 CVEs
H115i
h115i
0 CVEs
H80i
h80i
0 CVEs
H80i Gt
h80i_gt
0 CVEs
H80i V2
h80i_v2
0 CVEs
Hxi
hxi
0 CVEs
Lighting Node Pro
lighting_node_pro
0 CVEs
Rm
rm
0 CVEs
Rmi
rmi
0 CVEs
X99
x99
0 CVEs
K63
k63
0 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-35860
1Corsair
1K63 Firmware
May 9, 2025
Oct 19, 2022
N/A· v4
6.8 MEDIUM· v3
N/A· v2
Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions.
CVE-2020-8808
1Corsair
1Icue
Nov 21, 2024
Feb 7, 2020
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locatio...Show more
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.Show less
CVE-2018-19592
1Corsair
1Link
Nov 21, 2024
Sep 27, 2019
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The "CLink4Service" service is installed with Corsair Link 4.9.7.35 with insecure permissions by default. This allows unprivileged users to take control of the service and execute commands in the context of NT AUTHORITY\...Show more
The "CLink4Service" service is installed with Corsair Link 4.9.7.35 with insecure permissions by default. This allows unprivileged users to take control of the service and execute commands in the context of NT AUTHORITY\SYSTEM, leading to total system takeover, a similar issue to CVE-2018-12441.Show less
CVE-2018-12441
1Corsair
1Corsair Utility Engine
Nov 21, 2024
Oct 11, 2018
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The CorsairService Service in Corsair Utility Engine is installed with insecure default permissions, which allows unprivileged local users to execute arbitrary commands via modification of the CorsairService BINARY_PATH_...Show more
The CorsairService Service in Corsair Utility Engine is installed with insecure default permissions, which allows unprivileged local users to execute arbitrary commands via modification of the CorsairService BINARY_PATH_NAME, leading to complete control of the affected system. The issue exists due to the Windows "Everyone" group being granted SERVICE_ALL_ACCESS permissions to the CorsairService Service.Show less