CVE-2020-24088
HIGHFoxconn Live Update Utility <2.1.6.26 - Privilege Escalation
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-24088. PoCs published by rjt-gupta.
AI-analyzed exploit summary This repository contains a README describing CVE-2020-24088, a local privilege escalation vulnerability in Foxconn Live Update Utility 2.1.6.26 due to an issue in the MmMapIoSpace routine. No exploit code is provided.
Description
An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges.
Exploits (1)
nomisec
WRITEUP
by rjt-gupta · poc
https://github.com/rjt-gupta/CVE-2020-24088
This repository contains a README describing CVE-2020-24088, a local privilege escalation vulnerability in Foxconn Live Update Utility 2.1.6.26 due to an issue in the MmMapIoSpace routine. No exploit code is provided.
Classification
Writeup 90%
Attack Type
Lpe
Complexity
Theoretical
Reliability
Theoretical
Target:
Foxconn Live Update Utility 2.1.6.26
No auth needed
Prerequisites:
Local access to the target system
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Exploit, Third Party Advisory
http://blog.rewolf.pl/blog/?p=1630
Exploit, Third Party Advisory
http://dronesec.pw/blog/2018/05/17/dell-supportassist-local-privilege-escalation/
Third Party Advisory
https://github.com/rjt-gupta/CVE-2020-24088
Scores
CVSS v3
7.8
EPSS
0.0038
EPSS Percentile
29.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
Status
published
Products (1)
foxconn/live_update_utility
2.1.6.26
Published
Sep 11, 2023
Tracked Since
Feb 18, 2026