An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity process can open the driver's device object and issue IOCTLs to read or write to arbitrary physical memory locations (or call an arbitrary address), leading to execution of arbitrary code. This is associated with 0x226040, 0x226044, and 0x226000.
References
Link | Resource |
---|---|
https://nephosec.com/biostar-exploit/ | Exploit Third Party Advisory |
https://nephosec.com/biostar-exploit/ | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 06:31
Type | Values Removed | Values Added |
---|---|---|
References | () https://nephosec.com/biostar-exploit/ - Exploit, Third Party Advisory |
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
12 Jan 2022, 15:23
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-668 | |
CPE | cpe:2.3:a:biostar:racing_gt_evo:2.1.1905.1700:*:*:*:*:*:*:* | |
References | (MISC) https://nephosec.com/biostar-exploit/ - Exploit, Third Party Advisory |
01 Jan 2022, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-01 06:15
Updated : 2024-11-21 06:31
NVD link : CVE-2021-44852
Mitre link : CVE-2021-44852
CVE.ORG link : CVE-2021-44852
JSON object : View
Products Affected
biostar
- racing_gt_evo
CWE