CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2020/12/18 8:15 p.m.•12 views

CVE-2020-13515

A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c40a148 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause an adversary to obtain elevated privileges. An attacker can send a malicious IRP to trigger this vulnerability...

8.8CVSS8.8AI score0.0004EPSS

Prion•added 2020/12/18 8:15 p.m.•15 views

Privilege escalation

7.2CVSS8.7AI score0.0004EPSS

Prion•added 2020/12/18 8:15 p.m.•14 views

Privilege escalation

A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c402088 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause increased privileges. An attacker can send a malicious IRP to trigger this vulnerability...

7.2CVSS8.7AI score0.00136EPSS

Exploits2References1Affected Software1

CVE•added 2020/12/18 7:42 p.m.•50 views

CVE-2020-13514

CVE-2020-13514 affects NZXT CAM 4.8.0 via the WinRing0x64 Driver Privileged I/O Write IRPs. A crafted IRP (notably 0x9c40a0e0) can grant a low-privilege user unrestrained access to the OUT instruction at elevated privileges, enabling privilege escalation locally. The TALOS entry explicitly tests ...

8.8CVSS8.7AI score0.0004EPSS

Cvelist•added 2020/12/18 7:42 p.m.•11 views

CVE-2020-13513

A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause increased privileges. Using the IRP 0x9c40a0dc gives a low privilege user direct access to the OUT instruction that...

8.8CVSS8.8AI score0.0004EPSS

NVD•added 2020/12/18 12:15 a.m.•7 views

CVE-2020-13509

An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP Using the IRP 0x9c4060cc gives a low privilege user direct access to the IN instruction that is completely unrestrained at ...

6.5CVSS6.3AI score0.00052EPSS

NVD•added 2020/12/18 12:15 a.m.•8 views

CVE-2020-13516

An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406144 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability...

NVD•added 2020/12/18 12:15 a.m.•8 views

CVE-2020-13517

An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406104 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability...

6.5CVSS5.5AI score0.00052EPSS

Prion•added 2020/12/18 12:15 a.m.•13 views

Information disclosure

2.1CVSS6.2AI score0.00052EPSS

Prion•added 2020/12/18 12:15 a.m.•17 views

Information disclosure

An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP using the IRP 0x9c4060d4 gives a low privilege user direct access to the IN instruction that is completely unrestrained at ...

2.1CVSS6.2AI score0.00052EPSS

CVE•added 2020/12/17 11:48 p.m.•67 views

CVE-2020-13518

NZXT CAM 4.8.0 is affected by an information-disclosure vulnerability in the WinRing0x64 driver IRP 0x9c402084. Talos details show an attacker with low privileges could trigger an IRP to read MSR via the driver, exposing sensitive information locally. The PoC demonstrates reading MSR 0xC0000080 (...

6.5CVSS6.1AI score0.00065EPSS

CVE•added 2020/12/17 11:46 p.m.•65 views

CVE-2020-13511

The CVE-2020-13511 entry affects NZXT CAM 4.8.0 via the WinRing0x64 driver’s Privileged I/O Read IRPs. The TALOS report and CVE records describe an information-disclosure flaw where an attacker with local access can trigger IRP 0x9c4060d4 to read privileged processor I/O data (in this case, via I...

6.5CVSS6.1AI score0.00052EPSS

Cvelist•added 2020/12/17 11:46 p.m.•8 views

CVE-2020-13510

An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP using the IRP 0x9c4060d0 gives a low privilege user direct access to the IN instruction that is completely unrestrained at ...

CVE•added 2020/12/17 11:46 p.m.•73 views

CVE-2020-13509

NZXT CAM 4.8.0 is affected by CVE-2020-13509 due to the WinRing0x64 driver’s Privileged I/O Read IRPs functionality. A crafted IRP (0x9c4060cc) allows a low-privilege user to perform an unrestrained IN instruction at elevated privileges, enabling potential leakage of sensitive data. Affected comp...

Positive Technologies•added 2020/12/17 12:0 a.m.•3 views

PT-2020-13586 · Nzxt · Nzxt Cam

Name of the Vulnerable Software and Affected Versions: NZXT CAM version 4.8.0 Description: An information disclosure issue exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality. A specially crafted I/O request packet IRP using the IRP 0x9c4060cc gives a low privilege user direct...