Published: 11/08/2020 Updated: 21/07/2021

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 642

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The WinRing0.sys and WinRing0x64.sys drivers 1.2.0 in EVGA Precision X1 up to and including 1.0.6 allow local users, including low integrity processes, to read and write to arbitrary memory locations. This allows any user to gain NT AUTHORITY\SYSTEM privileges by mapping \Device\PhysicalMemory into the calling process.

Vulnerable Product	Search on Vulmon	Subscribe to Product
evga precision x1
winring0 project winring0 1.2.0

PowerShell script to apply Zenbleed (CVE-2023-20593) MSR workaround on Windows

Stopping Zenbleed (CVE-2023-20593) on Windows The newly discovered Zenbleed vulnerability (CVE-2023-20593) affects all Zen2 processors from AMD Unfortunately, AMD will not provide microcode updates for many of its processors until November or December 2023 How to stay safe in the meantime? Luckily, there is a software workaround While applying the software workaround is a on

Management tool for facilitating driver service (un)installation.

SKIFdrv Management tool for facilitating driver service (un)installation Special K can make use of the common WinRing0_1_2_0 kernel driver to enable advanced CPU hardware monitoring capabilities in its CPU widget This tool allows end-users to easily install/uninstall the driver and the necessary components, and is redistributed as a separate installer from the main Special K

NVD-CWE-noinfo https://www.evga.com/precisionx1/https://posts.specterops.io/cve-2020-14979-local-privilege-escalation-in-evga-precisionx1-cf63c6b95896 https://nvd.nist.gov https://github.com/sbaresearch/stop-zenbleed-win

CVE-2020-14979

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect