Published: 29/06/2020 Updated: 03/04/2024

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 189

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3.

Vulnerable Product	Search on Vulmon	Subscribe to Product
asrock rgb_driver_firmware -

All of my Github stars automatically classified by stargazed ⭐ on Markdown tables

Awesome Stars A curated list of my GitHub stars! Generated by stargazed 🏠 Contents Arduino (1) Assembly (4) Astro (1) AutoHotkey (12) Batchfile (27) Bikeshed (1) C (156) C# (158) C++ (236) CMake (2) CSS (57) Clojure (3) CoffeeScript (4) Common Lisp (3) Coq (3) Crystal (1) Cuda (10) Cython (1) D (1) Dart (2) Dockerfile (8) Eagle (1) Earthly (1) Emacs Lisp (16) F# (1) Fo

All of my Github stars automatically classified by stargazed ⭐ on Markdown tables

Awesome Stars A curated list of my GitHub stars! Generated by stargazed 🏠 Contents Arduino (1) Assembly (4) Astro (1) AutoHotkey (12) Batchfile (27) Bikeshed (1) C (156) C# (158) C++ (236) CMake (2) CSS (57) Clojure (3) CoffeeScript (4) Common Lisp (3) Coq (3) Crystal (1) Cuda (10) Cython (1) D (1) Dart (2) Dockerfile (8) Eagle (1) Earthly (1) Emacs Lisp (16) F# (1) Fo

CVE-2020-15368, aka "How to exploit a vulnerable driver"

How to exploit a vulnerable windows driver Exploit and Proof of Concept (PoC) for CVE-2020-15368 Asrock repackaged rweverything driver for their RGB controller configuration tool and signed it They "protect" it by encrypting their ioctlslol We found this CVE by accident last summer, and afaik the driver still isn't patched The impact is of course arbitrary

All of my Github stars automatically classified by stargazed ⭐ on Markdown tables

Awesome Stars A curated list of my GitHub stars! Generated by stargazed 🏠 Contents Arduino (1) Assembly (4) Astro (1) AutoHotkey (12) Batchfile (27) Bikeshed (1) C (156) C# (158) C++ (236) CMake (2) CSS (57) Clojure (3) CoffeeScript (4) Common Lisp (3) Coq (3) Crystal (1) Cuda (10) Cython (1) D (1) Dart (2) Dockerfile (8) Eagle (1) Earthly (1) Emacs Lisp (16) F# (1) Fo

A curated list of my GitHub stars by stargazed

Awesome Stars A curated list of my GitHub stars! Generated by stargazed 🏠 Contents Arduino (1) Assembly (4) Astro (1) AutoHotkey (12) Batchfile (27) Bikeshed (1) C (156) C# (158) C++ (236) CMake (2) CSS (56) Clojure (3) CoffeeScript (4) Common Lisp (3) Coq (3) Crystal (1) Cuda (10) Cython (1) D (1) Dart (2) Dockerfile (8) Eagle (1) Earthly (1) Emacs Lisp (16) F# (1) Fo

My stars, organized

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents ASL Batchfile C C# C++ CSS Clojure Crystal Cuda Dart Dockerfile Elixir Go Groovy HTML Handlebars Haskell Java JavaScript Jinja Jupyter Notebook Kotlin Lua Nim Others PHP Pascal Perl PowerShell Python Rich Text Format Ruby Rust SCSS SVG Scala Shell Svelte Swift TeX TypeScript V Vim Script Vue Zig

Threat group builds custom malware to attack industrial systems

The Register • Jeff Burt • 01 Jan 1970

Get our weekly newsletter US security agencies say the tools can give hackers control of ICS and SCADA devices

Hackers have created custom tools to control a range of industrial control system (ICS) and supervisory control and data acquisition (SCADA) devices, marking the latest threat to a range of critical infrastructure in the United States, according to several government agencies. In an alert this week, the Cybersecurity and Infrastructure Security Agency, (CISA), Department of Energy (DOE), National Security Agency (NSA), and FBI said that some of the devices at risk including programmable logic co...

CVE-2020-15368

Vulnerability Summary

Vulnerability Trend

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect