Vulnerabilities > CVE-2019-19452 - Out-of-bounds Write vulnerability in Patriotmemory Viper RGB Driver 1.1

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

patriotmemory

CWE-787

NVD

Published: 2020-02-21

Updated: 2020-02-25

Summary

A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. Local attackers (including low integrity processes) can exploit this to gain NT AUTHORITY\SYSTEM privileges.

Vulnerable Configurations

Part	Description	Count
Application	Patriotmemory Patriotmemory Viper RGB Driver 1.1	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.viper.patriotmemory.com
https://www.coresecurity.com/advisories/viper-rgb-driver-multiple-vulnerabilities