Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
attackerkbAttackerKBAKB:D1546F47-6385-4452-85B4-BCD67F93AF06
HistoryJan 25, 2020 - 12:00 a.m.

CVE-2019-5183

2020-01-2500:00:00
attackerkb.com
15

0.002 Low

EPSS

Percentile

62.2%

JSON

An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

Recent assessments:

zeroSteiner at February 04, 2020 8:16pm UTC reported:

The attacker utility for this particular vulnerability is limited by the hardware dependency. Additionally the vulnerability as described in the original disclosure can not be used for privilege escalation, only VMWare escapes.

The vmware-vmx.exe process on the host OS runs as the user which started VMware which is why the vulnerability would not yield SYSTEM privileges on the host. At the time of this writing, the vmware-vmx.exe process does not utilize the new Control Flow Guard which would make it easier to overwrite an entry in the vtable with a function pointer, aiding in exploit development.

While a failed exploit attempt would not crash the host OS because the vulnerability is not kernel mode, the VMWare guest maybe affected and become unresponsive.

bwatters-r7 at February 04, 2020 8:31pm UTC reported:

The attacker utility for this particular vulnerability is limited by the hardware dependency. Additionally the vulnerability as described in the original disclosure can not be used for privilege escalation, only VMWare escapes.

The vmware-vmx.exe process on the host OS runs as the user which started VMware which is why the vulnerability would not yield SYSTEM privileges on the host. At the time of this writing, the vmware-vmx.exe process does not utilize the new Control Flow Guard which would make it easier to overwrite an entry in the vtable with a function pointer, aiding in exploit development.

While a failed exploit attempt would not crash the host OS because the vulnerability is not kernel mode, the VMWare guest maybe affected and become unresponsive.

Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 4

Related

talosblog 1
nvd 4
prion 4
cve 4
cvelist 4
talos 4
talosblog
talosblog
Vulnerability Spotlight: Multiple vulnerabilities in some AMD graphics cards
2020-01-22 06:15:57
nvd
nvd
CVE-2019-5147
2020-01-25 18:15:12
CVE-2019-5183
2020-01-25 18:15:12
CVE-2019-5124
2020-01-25 18:15:12
prion
prion
Out-of-bounds
2020-01-25 18:15:00
Out-of-bounds
2020-01-25 18:15:00
Out-of-bounds
2020-01-25 18:15:00
cve
cve
CVE-2019-5147
2020-01-25 18:15:12
CVE-2019-5183
2020-01-25 18:15:12
CVE-2019-5124
2020-01-25 18:15:12
cvelist
cvelist
CVE-2019-5147
2020-01-25 17:53:12
CVE-2019-5183
2020-01-25 17:59:18
CVE-2019-5124
2020-01-25 17:53:00
talos
talos
AMD ATI Radeon ATIDXX64.DLL shader functionality constant buffer denial-of-service vulnerability
2020-01-21 00:00:00
AMD ATI Radeon ATIDXX64.DLL MOVC shader functionality denial-of-service vulnerability
2020-01-21 00:00:00
AMD ATI Radeon ATIDXX64.DLL MAD shader functionality denial-of-service vulnerability
2020-01-21 00:00:00

0.002 Low

EPSS

Percentile

62.2%

JSON
Related for AKB:D1546F47-6385-4452-85B4-BCD67F93AF06
talosblog1nvd4prion4cve4cvelist4talos4