Lucene search
+L

79 matches found

NVD
NVD
added 2021/07/23 11:15 a.m.25 views

CVE-2020-14032

ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM...

9.8CVSS0.02115EPSS
Exploits1References2
Prion
Prion
added 2021/07/23 11:15 a.m.18 views

Privilege escalation

ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM...

7.5CVSS9.8AI score0.02115EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/07/23 10:13 a.m.43 views

CVE-2020-14032

CVE-2020-14032 affects ASRock 4x4 BOX-R1000 BIOS prior to P1.40. The root cause is a lack of validation for ArgsStruct data in the SMM SmiGetVariable handling (SMI 0xEF), allowing an attacker to write to SMRAM and achieve code execution in SMM, leading to privilege escalation. CVSS metrics in NVD...

9.8CVSS9.7AI score0.02115EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/07/23 10:13 a.m.26 views

CVE-2020-14032

ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM...

9.9AI score0.02115EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/23 12:0 a.m.4 views

ASRock 4x4 BOX-R1000 安全漏洞

ASRock Industrial 4x4 BOX-R1000 is a fan-shaped embedded box computer from ASRock Industrial. A security vulnerability exists in ASRock 4x4 BOX-R1000 BIOS versions prior to P1.40, which allows attackers to elevate privileges via code execution in SMM...

9.8CVSS8.8AI score0.02115EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2021/06/29 4:38 a.m.298 views

Exploit for CVE-2020-15368

How to exploit a vulnerable windows driver Exploit and Proof...

5.5CVSS6.5AI score0.01349EPSS
Exploits1
CNVD
CNVD
added 2021/04/25 12:0 a.m.6 views

Unauthorized Access Vulnerability in Terminal Security Management System of ASRock

ASRock Terminal Security Management System is an integrated terminal security product solution for governmental and enterprise organizations. The product integrates anti-virus, terminal security control, terminal access, terminal audit, peripheral control, EDR and other functions, and is compatib...

6.9AI score
Exploits0
CNVD
CNVD
added 2021/04/23 12:0 a.m.2 views

SQL Injection Vulnerability in ASRock Terminal Security Management System

ASRock Terminal Security Management System is an integrated terminal security product solution for governmental and enterprise organizations. The product integrates anti-virus, terminal security control, terminal access, terminal audit, peripheral control, EDR and other functions, and is compatib...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/02/20 12:0 a.m.2 views

Unauthorized Access Vulnerability in ASRock DAYS Disaster Recovery Software (CNVD-2021-17379)

ASRock DAYS disaster recovery software belongs to DAYS series of optional products, which integrates disaster recovery, fault tolerance, backup and query functions, and provides one-stack infrastructure, the same disaster recovery management, elasticity, multi-layer data protection, smooth...

6.8AI score
Exploits0
CNVD
CNVD
added 2020/11/22 12:0 a.m.4 views

Weak Password Vulnerability in ASRock DAYS Disaster Recovery Software

ASRock DAYS disaster recovery software belongs to DAYS series of optional products, which integrates disaster recovery, fault tolerance, backup and query functions, and provides one-stack infrastructure, the same disaster recovery management, elasticity, multi-layer data protection, smooth...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/11/22 12:0 a.m.3 views

File Upload Vulnerability in WaveRock DAYS Disaster Recovery Software

ASRock DAYS disaster recovery software belongs to DAYS series of optional products, which integrates disaster recovery, fault tolerance, backup and query functions, and provides one-stack infrastructure, the same disaster recovery management, elasticity, multi-layer data protection, smooth...

7.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/07/10 9:26 a.m.9 views

asrock.com Cross Site Scripting vulnerability OBB-1220288

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
CNVD
CNVD
added 2020/06/30 12:0 a.m.12 views

Unspecified Vulnerability in ASRock RGB Driver

ASRock RGB Driver is a RGB three primary colors light mode light driver from ASRock Taiwan, China. A security vulnerability exists in the AsrDrv103.sys file in ASRock RGB Driver, which originates from the program's failure to properly restrict access from user space. No details of the vulnerabili...

5.5CVSS6.7AI score0.01349EPSS
Exploits1References1
NVD
NVD
added 2020/06/29 9:15 p.m.26 views

CVE-2020-15368

AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3...

6.1CVSS0.01349EPSS
Exploits1References2
Prion
Prion
added 2020/06/29 9:15 p.m.14 views

Design/Logic Flaw

AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3...

2.1CVSS6.3AI score0.01349EPSS
Exploits1References1
CVE
CVE
added 2020/06/29 12:0 a.m.438 views

CVE-2020-15368

CVE-2020-15368 involves ASRock RGB Driver’s AsrDrv103.sys, which fails to restrict user-space access. The Red Hat advisory and other sources confirm the issue can be triggered via a crafted request to CR3, enabling kernel-level code execution (e.g., triple fault scenario) and potential post-explo...

6.1CVSS5.3AI score0.01349EPSS
In wildExploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/06/29 12:0 a.m.91 views

CVE-2020-15368

AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

5.5CVSS3.2AI score0.01349EPSS
In wildExploits1References4
Vulnrichment
Vulnrichment
added 2020/06/29 12:0 a.m.11 views

CVE-2020-15368

AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3...

6.2AI score0.01349EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/06/29 12:0 a.m.11 views

PT-2020-6648

Name of the Vulnerable Software and Affected Versions ASRock RGB Driver versions with AsrDrv103.sys affected versions not specified Description The issue is related to the AsrDrv103.sys driver in the ASRock RGB Driver, which does not properly restrict access from user space. This can be...

6.1CVSS6.6AI score0.01349EPSS
Exploits1References14
Cvelist
Cvelist
added 2020/06/29 12:0 a.m.33 views

CVE-2020-15368

AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3...

5.3AI score0.01349EPSS
Exploits1References2
Rows per page
Query Builder