Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 

CVE-2019-9730: Synaptics Audio Driver LPE

The vulnerability in this driver package was with the CxUtilSvc system service. It hosted a COM object that low-privileged code can use to perform arbitrary reads and writes to the registry as SYSTEM. The .NET code adds the IRegistryHelper COM interface as a reference to invoke its methods.

In terms of exploitation, a less subtle approach is used that replaces the binary path of a given service with a command that creates a local Administrator account. Although standard user accounts cannot start/stop every service, there is usually a small subset where they can (e.g. ose). They can also reboot the system if they cannot immediately start a service.

Write-up and technical advisory here: http://jackson-t.ca/synaptics-cxutilsvc-lpe.html.

Affected Vendors

This list is not comprehensive.

About

Synaptics Audio Driver LPE

Resources

License

Releases

No releases published

Packages

No packages published

Languages