CVE-2019-15662

Опубликовано: 20 мар. 2020

Источник: nvd

CVSS3: 2.7

CVSS2: 4

EPSS Низкий

Описание

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120444 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary read primitive that can be used as part of a chain to escalate privileges.

Ссылки

https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2019-0006/FEYE-2019-0006.md
Release Notes
Third Party Advisory
https://support.killernetworking.com/downloads/ReleaseNotes/KillerSoftware_Release_Notes_2.1.1352.pdf
Release Notes
Third Party Advisory
https://www.killernetworking.com
Product
https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2019-0006/FEYE-2019-0006.md
Release Notes
Third Party Advisory
https://support.killernetworking.com/downloads/ReleaseNotes/KillerSoftware_Release_Notes_2.1.1352.pdf
Release Notes
Third Party Advisory
https://www.killernetworking.com
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:killernetworking:killer_control_center:*:*:*:*:*:*:*:*

Версия до 2.1.1352 (исключая)

EPSS

Процентиль: 52%

0.00286

Низкий

2.7 Low

CVSS3

4 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-rwv5-x397-hqq3

github

больше 3 лет назад