CVE-2019-18845

HIGH

Patriot Viper RGB <1.1 - Memory Corruption

Title source: llm

Description

The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.

Exploits (3)

nomisec WORKING POC 2 stars

by fengjixuchui · poc

https://github.com/fengjixuchui/CVE-2019-18845

View Code ZIP pw:eip

inthewild

poc

https://github.com/expflash/cve-2019-18845

View on inthewild

inthewild

poc

https://github.com/exploitables/cve-2019-18845

View on inthewild

References (1)

[Various Sources] https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-012.md

Scores

CVSS v3 7.1

EPSS 0.0009

EPSS Percentile 24.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Details

CWE

CWE-269

Status published

Products (1)

patriotmemory/viper_rgb_firmware 1.0

Published Nov 09, 2019

Tracked Since Feb 18, 2026