Security Advisory

CVE-2019-18845

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-11-09 17:05:16

Last updated 2024-08-05 02:02:39

Assigner mitre

State PUBLISHED

Description

The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITYSYSTEM privileges, by mapping DevicePhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.

← Browse all CVEs View on cve.org ↗