Lucene search

[email protected]NVD:CVE-2022-25480

HistoryJul 02, 2024 - 7:15 p.m.

CVE-2022-25480

2024-07-0219:15:12

CWE-787

[email protected]

web.nvd.nist.gov

realtek

rtsper

rtsuer

card reader

vulnerability

kernel memory

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.0%

JSON

Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows writing to kernel memory beyond the SystemBuffer of the IRP.

Affected configurations

Nvd

Node

realtekrtsperRange<10.0.22000.21355

realtekrtsuerRange<10.0.22000.31274

VendorProductVersionCPE
realtekrtsper*cpe:2.3:a:realtek:rtsper:*:*:*:*:*:*:*:*
realtekrtsuer*cpe:2.3:a:realtek:rtsuer:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
realtek	rtsper	*	cpe:2.3:a:realtek:rtsper::::::::
realtek	rtsuer	*	cpe:2.3:a:realtek:rtsuer::::::::

References

realtek.com

gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a

www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.0%

JSON

Related for NVD:CVE-2022-25480

cve1 cvelist1 vulnrichment1