CVE-2021-36924

Name of the Vulnerable Software and Affected Versions Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio versions 1.14.0.0 and earlier

Description The issue allows local low-privileged users to achieve a pool overflow, leading to Escalation of Privileges, Denial of Service, and Code Execution via a crafted Device IO Control packet to a device.

Recommendations For versions 1.14.0.0 and earlier, as a temporary workaround, consider restricting access to the RtsUpx.sys driver until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.