Remote code execution

2020-11-2718:15:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.5%

JSON

An issue was discovered in Devid Espenschied PC Analyser through 4.10. The PCADRVX64.SYS kernel driver exposes IOCTL functionality that allows low-privilege users to read and write to arbitrary Model Specific Registers (MSRs). This could lead to arbitrary Ring-0 code execution and escalation of privileges.

CPENameOperatorVersion
pc_analyserle4.10

CPE	Name	Operator	Version
	pc_analyser	le	4.10

References

www.pcanalyser.de/index.php/historie/

github.com/eset/vulnerability-disclosures

github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-28921/CVE-2020-28921.md