Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
corsair vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2018-12441
The CorsairService Service in Corsair Utility Engine is installed with insecure default permissions, which allows unprivileged local users to execute arbitrary commands via modification of the CorsairService BINARY_PATH_NAME, leading to complete control of the affected system. Th...
Corsair Corsair Utility Engine 3.7.99
Corsair Corsair Utility Engine 3.3.103
Corsair Corsair Utility Engine 3.4.95
Corsair Corsair Utility Engine 3.6.109
Corsair Corsair Utility Engine 3.2.87
7.2
CVSSv2
CVE-2020-8808
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE prior to 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, ...
Corsair Icue
NA
CVE-2022-35860
Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate malicious users to inject and sniff keystrokes via 2.4 GHz radio transmissions.
Corsair K63 Firmware 3.1.3
7.2
CVSSv2
CVE-2018-19592
The "CLink4Service" service is installed with Corsair Link 4.9.7.35 with insecure permissions by default. This allows unprivileged users to take control of the service and execute commands in the context of NT AUTHORITY\SYSTEM, leading to total system takeover, a simila...
Corsair Link 4.9.7.35
1 Github repository
9.3
CVSSv2
CVE-2016-10590
cue-sdk-node is a Corsair Cue SDK wrapper for node.js. cue-sdk-node downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested zip file with an attacker controlled zip fil...
Cue-sdk-node Project Cue-sdk-node
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started