PT-2020-9753 · Rivet · Rivet Killer Control Center

Dhanesh Kizhakkinan

Published

2020-03-20

Updated

2020-03-26

CVE-2019-15661

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Rivet Killer Control Center versions prior to 2.1.1352

Description An issue was discovered where IOCTL 0x120004 in KfeCo10X64.sys fails to validate parameters, leading to a stack-based buffer overflow. This can result in code execution or escalation of privileges.

Recommendations For versions prior to 2.1.1352, update to version 2.1.1352 or later to resolve the issue. As a temporary workaround, consider restricting access to the KfeCo10X64.sys driver to minimize the risk of exploitation.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2019-15661

Affected Products

Rivet Killer Control Center

PT-2020-9753 · Rivet · Rivet Killer Control Center

CVE-2019-15661

Weakness Enumeration

Related Identifiers

Affected Products

References · 6