Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
1 contributor

Users who have contributed to this file

ACTIVE-2019-012: Viper RGB Driver Local Privilege Escalation

Vulnerability Type:

Privilege Escalation

Vendors:

Patriot Memory

CVE ID:

CVE-2019-18845

Affected Products:

  • Viper RGB version 1.0

Summary:

MsIo64.sys/MsIo32.sys driver in Viper RGB version 1.0 allows local users (including low integrity processes) to read and write arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges via mapping \Device\PhysicalMemory into the calling process using ZwOpenSection and ZwMapViewOfSection.

Mitigation:

The vendor has released a patch in version 1.1 addressing this vulnerability.

Credit:

This vulnerability was found by Hashim Jawad of ACTIVELabs.

References:

Disclosure Timeline:

  • 10-04-19: ACTIVELabs contacted Patriot Memory on Twitter requesting security contact
  • 10-04-19: Patriot Memory asked to send vulnerability details to support@patriotmem.com
  • 10-04-19: ACTIVELabs sent vulnerability details to Patriot Memory support
  • 10-09-19: ACTIVELabs requested an update
  • 10-09-19: Patriot Memory support responded that R&D team are in the process of testing and patching the vulnerability
  • 10-28-19: Patriot Memory support communicated that patch has be produced and requested ACTIVELabs to test the patch before release
  • 11-01-19: ACTIVELabs confirmed the patch has nullified the vulnerability
  • 11-05-19: Patriot Memory informed ACTIVELabs the patch has been pushed to the website and requested to provide CVE number once assigned
  • 11-08-19: ACTIVELabs publishes this advisory
  • 11-08-19: ACTIVELabs request CVE from MITRE