Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:corsair:corsair_utility_engine:3.6.109:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-12441 |
The CorsairService Service in Corsair Utility Engine is installed with insecure default permissions, which allows unprivileged local users to execute arbitrary commands via modification of the CorsairService BINARY_PATH_NAME, leading to complete control of the affected system. The issue exists due to the Windows "Everyone" group being granted SERVICE_ALL_ACCESS permissions to the CorsairService Service. Published: October 11, 2018; 5:29:00 PM -0400 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |