PT-2019-13975 · Realtek · Realtek Waves Maxxaudio Driver
Mike Siegel
·
Publicado
2019-08-15
·
Atualizado
2020-08-24
·
CVE-2019-15084
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Realtek Waves MaxxAudio driver version 1.6.2.0
Description
The issue concerns incorrect file permissions in the installation of the Realtek Waves MaxxAudio driver. This allows a local attacker to escalate privileges to SYSTEM.
Recommendations
For Realtek Waves MaxxAudio driver version 1.6.2.0, consider updating the driver to a version with correct file permissions to prevent privilege escalation. As a temporary workaround, restrict access to sensitive files and directories to minimize the risk of exploitation.
Exploit
Correção
Incorrect Permission
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Realtek Waves Maxxaudio Driver