Vulnerabilities (CVE)

Filtered by vendor Patriotmemory Subscribe
Filtered by product Viper Rgb Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9756 1 Patriotmemory 2 Viper Rgb, Viper Rgb Firmware 2024-11-21 4.6 MEDIUM 7.8 HIGH
Patriot Viper RGB Driver 1.1 and prior exposes IOCTL and allows insufficient access control. The IOCTL Codes 0x80102050 and 0x80102054 allows a local user with low privileges to read/write 1/2/4 bytes from or to an IO port. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
CVE-2019-18845 1 Patriotmemory 2 Viper Rgb, Viper Rgb Firmware 2024-11-21 3.6 LOW 7.1 HIGH
The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.