CVE-2020-15368
Published 2020-06-29
CVE-2020-15368: AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero…
Priority P279 · medium · 5.5 · CVSS 3.1
ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 1.35% (68.0th percentile)
AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3.
CVSS provenance
nvd · v3.1 · 5.5 · MEDIUM · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvd · v2.0 · 2.1 · LOW · AV:L/AC:L/Au:N/C:N/I:P/A:N
vulncheck · 5.5 · MEDIUM
GHSA
GHSA-7387-h76h-9m29: AsrDrv103
ghsa_unreviewed·2022-05-24
CVE-2020-15368 [LOW] GHSA-7387-h76h-9m29: AsrDrv103
VulnCheck
ASRock RGB Driver AsrDrv103.sys Triple Fault
vulncheck·2020·CVSS 5.5
CVE-2020-15368 [MEDIUM] ASRock RGB Driver AsrDrv103.sys Triple Fault
Affected: asrock rgb_driver_firmware
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.bleepingcomputer.com/news/security/us-warns-of-govt-hackers-targeting-industrial-control-systems/; https://www.mandiant.com/resources/blog/incontroller-state-sponsored-ics-tool; https://cisa.gov/news-events/cybersecurity-advisories/aa22-103a; https://media.defcon.org/DEF%20CON%2030/DEF%20CON%2030%20presentations/Jimmy%20Wylie%20-%20Analyzing%20PIPEDREAM%20C
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.