CVE-2019-19452

Published: Feb 21, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. Local attackers (including low integrity processes) can exploit this to gain NT AUTHORITY\SYSTEM privileges.

Affected (1)

Products: Patriotmemory: Viper Rgb Driver

Patriotmemory

1 product

Viper Rgb Driver

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Patriotmemory Viper Rgb Driver	Up to 1.1

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

https://www.coresecurity.com/advisories/viper-rgb-driver-multiple-vulnerabilities

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.viper.patriotmemory.com

Source: cve@mitre.org

Product

https://www.coresecurity.com/advisories/viper-rgb-driver-multiple-vulnerabilities

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.viper.patriotmemory.com

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.