Vulnerabilities > CVE-2020-13515 - Missing Authorization vulnerability in Nzxt CAM 4.8.0

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
nzxt
CWE-862

Summary

A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c40a148 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause an adversary to obtain elevated privileges. An attacker can send a malicious IRP to trigger this vulnerability.

Vulnerable Configurations

Part Description Count
Application
Nzxt
1

Common Weakness Enumeration (CWE)