Security News > 2020 > February > DLL Hijacking Vulnerability Found in Realtek HD Audio Driver
A vulnerability in the Realtek HD Audio Driver package could be abused to execute arbitrary payloads with elevated privileges on a vulnerable machine, SafeBreach Labs has discovered.
Tracked as CVE-2019-19705, the vulnerability could be leveraged to evade defenses and achieve persistence by loading an arbitrary, unsigned DLL into a signed process.
The Realtek HD Audio Driver package is present on all Windows machines that feature a Realtek sound card, rendering all of them vulnerable to attacks.
An attacker targeting the vulnerability could load and execute malicious payloads within the context of the Realtek signed process.
The vulnerability was reported to the vendor in July last year and was addressed with the release of Realtek HD Audio Driver package version 1.0.0.8856 in December.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-26 | CVE-2019-19705 | Unquoted Search Path or Element vulnerability in Lenovo products Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading. | 7.8 |