Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The CorsairService Service in Corsair Utility Engine is installed with insecure default permissions, which allows unprivileged local users to execute arbitrary commands via modification of the CorsairService BINARY_PATH_NAME, leading to complete control of the affected system. The issue exists due to the Windows "Everyone" group being granted SERVICE_ALL_ACCESS permissions to the CorsairService Service.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Corsair Utility Engine CorsairService Service组件安全漏洞
Vulnerability Description
Corsair Utility Engine(iCUE)是美国海盗船(Corsair)的一款用于配置管理Corsair外设的实用程序。CorsairService Service是其中的一个Corsair服务组件。 Corsair iCUE中的CorsairService Service组件存在安全漏洞。本地攻击者可通过修改CorsairService BINARY_PATH_NAME利用该漏洞完全控制受影响的系统。
CVSS Information
N/A
Vulnerability Type
N/A