CVE-2020-28921

Name of the Vulnerable Software and Affected Versions Devid Espenschied PC Analyser versions through 4.10

Description An issue was discovered in the PCADRVX64.SYS kernel driver, which exposes IOCTL functionality. This allows low-privilege users to read and write to arbitrary Model Specific Registers (MSRs), potentially leading to arbitrary Ring-0 code execution and escalation of privileges.

Recommendations For Devid Espenschied PC Analyser versions through 4.10, consider disabling the PCADRVX64.SYS kernel driver until a patch is available to prevent low-privilege users from exploiting the IOCTL functionality. At the moment, there is no information about a newer version that contains a fix for this vulnerability.