Vulnerabilities > CVE-2022-25480 - Out-of-bounds Write vulnerability in Realtek Rtsper and Rtsuer

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
realtek
CWE-787

Summary

Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows writing to kernel memory beyond the SystemBuffer of the IRP.

Vulnerable Configurations

Part Description Count
Application
Realtek
2

Common Weakness Enumeration (CWE)