CVE-2019-15665

Опубликовано: 20 мар. 2020

Источник: nvd

CVSS3: 7.2

CVSS2: 9

EPSS Низкий

Описание

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary write primitive that can lead to code execution or escalation of privileges.

Ссылки

https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2019-0009/FEYE-2019-0009.md
Release Notes
Third Party Advisory
https://support.killernetworking.com/downloads/ReleaseNotes/KillerSoftware_Release_Notes_2.1.1352.pdf
Release Notes
Vendor Advisory
https://www.killernetworking.com
Product
https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2019-0009/FEYE-2019-0009.md
Release Notes
Third Party Advisory
https://support.killernetworking.com/downloads/ReleaseNotes/KillerSoftware_Release_Notes_2.1.1352.pdf
Release Notes
Vendor Advisory
https://www.killernetworking.com
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:killernetworking:killer_control_center:*:*:*:*:*:*:*:*

Версия до 2.1.1352 (исключая)

EPSS

Процентиль: 79%

0.01248

Низкий

7.2 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-3q7p-8frq-qm6c

github

больше 3 лет назад