Vulnerabilities > CVE-2020-9453 - NULL Pointer Dereference vulnerability in Epson Iprojection 2.30
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. (0x9C402402 has only a NULL pointer dereference.) This affects \Device\EMPMPAUIO and \DosDevices\EMPMPAU.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- https://epson.com
- https://epson.com
- https://epson.com/Support/wa00936
- https://epson.com/Support/wa00936
- https://github.com/FULLSHADE/Kernel-exploits
- https://github.com/FULLSHADE/Kernel-exploits
- https://github.com/FULLSHADE/Kernel-exploits/tree/master/EMP_MPAU.sys
- https://github.com/FULLSHADE/Kernel-exploits/tree/master/EMP_MPAU.sys