Published: 02/10/2020 Updated: 09/10/2020

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 642

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Ambientlink Mslo64 Firmware

The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054).

Vulnerable Product	Search on Vulmon	Subscribe to Product
msi ambientlink_mslo64_firmware 1.0.0.8

MSI Ambient Link Driver version 1008 suffers from a local privilege escalation vulnerability ...

PoC exploits for CVE-2020-17382

CVE-2020-17382 PoC exploits for CVE-2020-17382 Working exploits for: Windows 10 - 1709 Windows 7 x64 SP1 Reference blog post: wwwmatteomalvicacom/blog/2020/09/24/weaponizing-cve-2020-17382/

CVE-2020-17382 Windows 10 x64 2004 Build 19041.264 Exploit

CVE-2020-17382 Windows 10 x64 2004 Build 19041264 Exploit Kudos to @matteomalvica for asking me so many questions about this vulnerability that forced me to write an exploit for him for the latest Windows 10 release 19041264 without KVA Shadow (ie non Specter vulnerable CPUs) and without VBS Trivial to adapt to older Windows versions (Matteo adapted it to 1709, check his b

CWE-787 https://www.coresecurity.com/core-labs/advisories/msi-ambient-link-multiple-vulnerabilities https://us.msi.com/support/download/vga http://packetstormsecurity.com/files/159315/MSI-Ambient-Link-Driver-1.0.0.8-Privilege-Escalation.html https://nvd.nist.gov https://github.com/uf0o/CVE-2020-17382 https://packetstormsecurity.com/files/159315/MSI-Ambient-Link-Driver-1.0.0.8-Privilege-Escalation.html

CVE-2020-17382

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect