Attacker Value
High
(1 user assessed)
Exploitability
Very High
(1 user assessed)
User Interaction
None
Privileges Required
Low
Attack Vector
Local
0

CVE-2019-19452

Disclosure Date: February 21, 2020
CVE-2019-19452 CVSS v3 Base Score: 7.8
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. Local attackers (including low integrity processes) can exploit this to gain NT AUTHORITY\SYSTEM privileges.

Add Assessment

5
Ratings
  • Attacker Value
    High
  • Exploitability
    Very High
Difficult to patchEasy to weaponizeGives privileged accessUnauthenticatedVulnerable in default configurationRequires user interaction
Technical Analysis

Overview

A vulnerability was discovered within the Viper driver RGB version 11, where it did not properly perform input sanitize action against IOCTL 0x80102040 input from user mode. Successful exploitation of this vulnerability leads to the escalation of a user’s privilege, allowing for an unauthorized and unauthenticated user to obtain system privileges. The vulnerability class for this driver CVE is a standard stack-based buffer overflow.

A proof-of-concept does exist, provided by core security, the proof-of-concept is proven to work on a Windows 7 system, porting this vulnerability to a higher version of Windows would require additional security mitigation bypasses.

Impact

Including this vulnerable version of this driver on your system will lead to a degradation of integrity and diminishes all aspects of security for the host. This vulnerable driver allows for an attacker to obtain higher levels of privilege than they’re supposed to have from an unauthenticated standpoint.

Recommended remediation

The recommended remediation for this vulnerability is to update your drivers and to follow any guidelines for updating the software that provides this vulnerable driver.

Log in to Add Reply
CVSS V3 Severity and Metrics
Base Score:
7.8 High
Impact Score:
5.9
Exploitability Score:
1.8
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • patriotmemory

Products

  • viper rgb driver

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis