Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FluxInk Color Management Driver local privilege escalation
Vulnerability Description
FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows 11 25H2 HLK (Hardware Lab Kit). The fixed driver may be available through Windows Update or from Lenovo directly.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
特权管理不恰当
Vulnerability Title
FluxInk Color Management Driver 权限许可和访问控制问题漏洞
Vulnerability Description
FluxInk Color Management Driver是FluxInk公司的一款色彩管理驱动软件。 FluxInk Color Management Driver 1.0.7.2版本存在权限许可和访问控制问题漏洞,该漏洞源于通过对\\Device\\PhysicalMemory进行任意物理内存映射,可能导致标准用户账户权限提升。
CVSS Information
N/A
Vulnerability Type
N/A