cnvd - cnvd-2019-41649

cnvd-2019-41649

Vulnerability from cnvd

Title: Patriot Viper RGB本地权限提升漏洞

Description:

Patriot Viper RGB是中国台湾Patriot公司的一款内存模块设备。

Patriot Viper RGB 1.1之前版本中的MsIo64.sys和MsIo32.sys驱动程序存在本地权限提升漏洞，本地攻击者可利用该漏洞对任意位置的内存进行读写操作，进而获取NT AUTHORITYSYSTEM权限。

Severity: 低

Patch Name: Patriot Viper RGB本地权限提升漏洞的补丁

Patch Description:

Patriot Viper RGB是中国台湾Patriot公司的一款内存模块设备。

Patriot Viper RGB 1.1之前版本中的MsIo64.sys和MsIo32.sys驱动程序存在本地权限提升漏洞，本地攻击者可利用该漏洞对任意位置的内存进行读写操作，进而获取NT AUTHORITYSYSTEM权限。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://www.patriotmemory.com/

Reference: https://github.com/active-labs/Advisories/blob/master/ACTIVE-2019-012.md https://nvd.nist.gov/vuln/detail/CVE-2019-18845

Impacted products

Name
Patriot Viper RGB <1.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-18845",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18845"
    }
  },
  "description": "Patriot Viper RGB\u662f\u4e2d\u56fd\u53f0\u6e7ePatriot\u516c\u53f8\u7684\u4e00\u6b3e\u5185\u5b58\u6a21\u5757\u8bbe\u5907\u3002\n\nPatriot Viper RGB 1.1\u4e4b\u524d\u7248\u672c\u4e2d\u7684MsIo64.sys\u548cMsIo32.sys\u9a71\u52a8\u7a0b\u5e8f\u5b58\u5728\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bf9\u4efb\u610f\u4f4d\u7f6e\u7684\u5185\u5b58\u8fdb\u884c\u8bfb\u5199\u64cd\u4f5c\uff0c\u8fdb\u800c\u83b7\u53d6NT AUTHORITYSYSTEM\u6743\u9650\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.patriotmemory.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-41649",
  "openTime": "2019-11-21",
  "patchDescription": "Patriot Viper RGB\u662f\u4e2d\u56fd\u53f0\u6e7ePatriot\u516c\u53f8\u7684\u4e00\u6b3e\u5185\u5b58\u6a21\u5757\u8bbe\u5907\u3002\r\n\r\nPatriot Viper RGB 1.1\u4e4b\u524d\u7248\u672c\u4e2d\u7684MsIo64.sys\u548cMsIo32.sys\u9a71\u52a8\u7a0b\u5e8f\u5b58\u5728\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bf9\u4efb\u610f\u4f4d\u7f6e\u7684\u5185\u5b58\u8fdb\u884c\u8bfb\u5199\u64cd\u4f5c\uff0c\u8fdb\u800c\u83b7\u53d6NT AUTHORITYSYSTEM\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Patriot Viper RGB\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Patriot Viper RGB \u003c1.1"
  },
  "referenceLink": "https://github.com/active-labs/Advisories/blob/master/ACTIVE-2019-012.md\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-18845",
  "serverity": "\u4f4e",
  "submitTime": "2019-11-09",
  "title": "Patriot Viper RGB\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

CVE-2019-18845 (GCVE-0-2019-18845)

Vulnerability from cvelistv5

Published

2019-11-09 17:05

Modified

2024-08-05 02:02

Severity ?

CWE

Summary

The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.

References

▼	URL	Tags
	https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-012.md	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:02:39.775Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-012.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\\SYSTEM privileges, by mapping \\Device\\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-18T18:53:46",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-012.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-18845",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\\SYSTEM privileges, by mapping \\Device\\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-012.md",
              "refsource": "MISC",
              "url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-012.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-18845",
    "datePublished": "2019-11-09T17:05:16",
    "dateReserved": "2019-11-09T00:00:00",
    "dateUpdated": "2024-08-05T02:02:39.775Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted