FEYE-2019-0005

Description

IOCTL 0x120004 in KfeCo10X64.sys, part of Rivet Killer Control Center, fails to validate parameters leading to a stack-based buffer overflow which can lead to code execution and elevation of privileges.

Impact

High - Arbitrary Ring 0 code execution

Exploitability

Low - Attacker must have admin privileges

CVE Reference

CVE-2019-15661

Technical Details

Proof of concept and technical details are provided in the PoC folder.

Resolution

This issue was fixed in October 2019: https://support.killernetworking.com/downloads/ReleaseNotes/KillerSoftware_Release_Notes_2.1.1352.pdf

Discovery Credits

Dhanesh Kizhakkinan

Disclosure Timelines

7 July 2019 - Contacted vendor
26 August 2019 - Second attempt to contact vendor
26 August 2019 - Vendor responded with fix
13 October 2019 - Fix published

PoC

Provided as part of poc.cpp

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

FEYE-2019-0005.md

FEYE-2019-0005.md

FEYE-2019-0005

Description

Impact

Exploitability

CVE Reference

Technical Details

Resolution

Discovery Credits

Disclosure Timelines

PoC

Files

FEYE-2019-0005.md

Latest commit

History

FEYE-2019-0005.md

File metadata and controls

FEYE-2019-0005

Description

Impact

Exploitability

CVE Reference

Technical Details

Resolution

Discovery Credits

Disclosure Timelines

PoC