CVE-2020-9756

Name of the Vulnerable Software and Affected Versions Patriot Viper RGB Driver version 1.1 and prior

Description The issue exposes IOCTL and allows insufficient access control, potentially enabling a local user with low privileges to read or write data from or to an IO port. This could be leveraged to run code with elevated privileges. The IOCTL Codes 0x80102050 and 0x80102054 are specifically affected, allowing a local user to read/write 1/2/4 bytes from or to an IO port.

Recommendations For Patriot Viper RGB Driver version 1.1 and prior, consider restricting access to the IOCTL codes 0x80102050 and 0x80102054 as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.