Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2017-7293

Published: 26/04/2017 Updated: 03/10/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Dolby Audio X2

Vulnerability Summary

The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that allows a normal user to get arbitrary system privileges, because these services have .NET code for DCOM. This affects Dolby Audio X2 (DAX2) 1.0, 1.0.1, 1.1, 1.1.1, 1.2, 1.3, 1.3.1, 1.3.2, 1.4, 1.4.1, 1.4.2, 1.4.3, and 1.4.4 and Dolby Audio X3 (DAX3) 1.0 and 1.1. An example affected driver is Realtek Audio Driver 6.0.1.7898 on a Lenovo P50.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dolby dolby audio x2 1.1

dolby dolby audio x2 1.2

dolby dolby audio x2 1.4.1

dolby dolby audio x2 1.4.3

dolby dolby audio x2 1.0

dolby dolby audio x3 1.0

dolby dolby audio x3 1.1

dolby dolby audio x2 1.3

dolby dolby audio x2 1.3.1

dolby dolby audio x2 1.3.2

dolby dolby audio x2 1.4

dolby dolby audio x2 1.0.1

dolby dolby audio x2 1.1.1

dolby dolby audio x2 1.4.2

dolby dolby audio x2 1.4.4

Exploits

Exploit DB: Realtek Audio Driver 6.0.1.7898 (Windows 10) - Dolby Audio X2 Service Privilege Escalation
Source: bugschromiumorg/p/project-zero/issues/detail?id=1075 Windows: Dolby Audio X2 Service Elevation of Privilege Platform: Windows 10 + Realtek Audio Driver version 6017898 (on a Lenovo P50) Version of the service binary 07261 built on 7/18/2016 Class: Elevation of Privilege Summary: The DAX2API service installed as part of t ...

References

CWE-502https://www.exploit-db.com/exploits/41933/https://bugs.chromium.org/p/project-zero/issues/detail?id=1075https://nvd.nist.govhttps://www.exploit-db.com/exploits/41933/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2024-34351CVE-2024-1076CVE-2024-25522CVE-2024-34547CVE-2024-4644unauthorizedremoteCVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook