PT-2019-15697 · Patriot · Patriot Viper Rgb

Hashim Jawad

Publicado

2019-11-09

Atualizado

2020-03-18

CVE-2019-18845

CVSS v3.1

7.1

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Patriot Viper RGB versions prior to 1.1

Description The issue allows local users, including those with low integrity processes, to read and write to arbitrary memory locations. This can lead to the gain of NT AUTHORITYSYSTEM privileges by mapping DevicePhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection functions.

Recommendations For Patriot Viper RGB versions prior to 1.1, update to version 1.1 or later to resolve the issue.

Exploit

Correção

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-269

Identificadores relacionados

CVE-2019-18845

Produtos afetados

Patriot Viper Rgb

PT-2019-15697 · Patriot · Patriot Viper Rgb

CVE-2019-18845

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5