An issue was discovered in Devid Espenschied PC Analyser through 4.10. The PCADRVX64.SYS kernel driver exposes IOCTL functionality that allows low-privilege users to read and write arbitrary physical memory. This could lead to arbitrary Ring-0 code execution and escalation of privileges.
References
Link | Resource |
---|---|
http://www.pcanalyser.de/index.php/historie/ | Release Notes Vendor Advisory |
https://github.com/eset/vulnerability-disclosures | Third Party Advisory |
https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-28922/CVE-2020-28922.md | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-11-27 18:15
Updated : 2021-07-21 11:39
NVD link : CVE-2020-28922
Mitre link : CVE-2020-28922
CVE.ORG link : CVE-2020-28922
JSON object : View
Products Affected
pcanalyser
- pc_analyser
CWE