Vulnerability Spotlight: Multiple vulnerabilities in NZXT computer monitoring software



Carl Hurd of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.


NZXT’s CAM computer monitoring software contains multiple vulnerabilities an attacker could use to carry out a range of malicious actions. CAM provides users information on their machines, such as fan speeds, temperature, RAM usage and network activity. The software also holds an inventory of all peripheral devices installed in the PC at a given time.



Cisco Talos recently discovered several vulnerabilities in a specific driver in this software. By exploiting them, a malicious user could carry out actions on the victim machine such as elevating their privileges and disclosing sensitive information.


In accordance with our coordinated disclosure policy, Cisco Talos worked with NZXT to disclose these vulnerabilities and ensure that an update is available.

Vulnerability details


NZXT CAM WinRing0x64 driver privileged I/O read IRPs information disclosure vulnerability (TALOS-2020-1110/CVE-2020-13509 - CVE-2020-13511)


An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability.


Read the complete vulnerability advisory here for additional information. 


NZXT CAM WinRing0x64 driver privileged I/O write IRPs privilege escalation vulnerability (TALOS-2020-1111/CVE-2020-13512 - CVE-2020-13514)


..
