Описание
The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:patriotmemory:viper_rgb_firmware:1.0:*:*:*:*:*:*:*
cpe:2.3:h:patriotmemory:viper_rgb:-:*:*:*:*:*:*:*
EPSS
Процентиль: 26%
0.00087
Низкий
7.1 High
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-269
Связанные уязвимости
github
больше 3 лет назад
The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.
EPSS
Процентиль: 26%
0.00087
Низкий
7.1 High
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-269