Vulnerabilities > CVE-2019-19452 - Out-of-bounds Write vulnerability in Patriotmemory Viper RGB Driver 1.1

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

patriotmemory

CWE-787

NVD

Published: 2020-02-21

Updated: 2020-02-25

Summary

A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. Local attackers (including low integrity processes) can exploit this to gain NT AUTHORITY\SYSTEM privileges.

Vulnerable Configurations

Part	Description	Count
Application	Patriotmemory Patriotmemory Viper RGB Driver 1.1	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.coresecurity.com/advisories/viper-rgb-driver-multiple-vulnerabilities
https://www.viper.patriotmemory.com