Security News > 2020 > February > DLL Hijacking Vulnerability Found in Realtek HD Audio Driver

DLL Hijacking Vulnerability Found in Realtek HD Audio Driver
2020-02-06 16:18

A vulnerability in the Realtek HD Audio Driver package could be abused to execute arbitrary payloads with elevated privileges on a vulnerable machine, SafeBreach Labs has discovered.

Tracked as CVE-2019-19705, the vulnerability could be leveraged to evade defenses and achieve persistence by loading an arbitrary, unsigned DLL into a signed process.

The Realtek HD Audio Driver package is present on all Windows machines that feature a Realtek sound card, rendering all of them vulnerable to attacks.

An attacker targeting the vulnerability could load and execute malicious payloads within the context of the Realtek signed process.

The vulnerability was reported to the vendor in July last year and was addressed with the release of Realtek HD Audio Driver package version 1.0.0.8856 in December.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/jIBApmebGd8/dll-hijacking-vulnerability-found-realtek-hd-audio-driver

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-12-26 CVE-2019-19705 Unquoted Search Path or Element vulnerability in Lenovo products
Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading.
local
low complexity
lenovo CWE-428
7.8
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Realtek 40 3 16 35 6 60