Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-1591 — Improper Input Validation in Rising Antivirus

CWE-20 — Improper Input Validation4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 78.34%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Rising-global Rising Antivirus
Timeline
PublishedApr 28
Latest updateMay 17

Description

Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL requests to the (1) HookCont.sys, (2) HookNtos.sys, (3) HOOKREG.sys, or (4) HookSys.sys device driver; or the (5) RsNTGdi.sys kernel module, reachable through \Device\RSNTGDI.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

â–¶NVDrising-global/rising_antivirus2008, 2009, 2010+2

🔴Vulnerability Details

2
GHSA
GHSA-6m4q-47fc-c7jm: Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows↗2022-05-17
â–¶
CVEList
CVE-2010-1591: Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows↗2010-04-28
â–¶

💥Exploits & PoCs

1
Exploit-DB
Rising AntiVirus 2008/2009/2010 - Local Privilege Escalation↗2010-01-28
â–¶
CVE-2010-1591 — Improper Input Validation | cvebase