CVE-2020-12446

HIGH

G.SKILL Trident Z Lighting Control <1.00.08 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2020-12446. PoCs published by enessakircolak, S1lkys.

AI-analyzed exploit summary This is a local privilege escalation (LPE) exploit for Windows 11 24H2, leveraging a kernel vulnerability (CVE-2020-12446) to escalate privileges by manipulating memory mappings and leaking kernel structures.

Description

The ene.sys driver in G.SKILL Trident Z Lighting Control through 1.00.08 exposes mapping and un-mapping of physical memory, reading and writing to Model Specific Register (MSR) registers, and input from and output to I/O ports to local non-privileged users. This leads to privilege escalation to NT AUTHORITY\SYSTEM.

Exploits (3)

nomisec WORKING POC 5 stars

by enessakircolak · poc

https://github.com/enessakircolak/Windows-11-24h2-Kernel-Exploit

View Code ZIP pw:eip

This is a local privilege escalation (LPE) exploit for Windows 11 24H2, leveraging a kernel vulnerability (CVE-2020-12446) to escalate privileges by manipulating memory mappings and leaking kernel structures.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Windows 11 24H2 x64

No auth needed

Prerequisites: Access to a vulnerable Windows 11 24H2 system · Ability to execute arbitrary code on the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1055 - Process Injection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by enessakircolak · poc

https://github.com/enessakircolak/CVE-2020-12446

View Code ZIP pw:eip

This repository contains a functional exploit PoC for CVE-2020-12446, targeting a Windows kernel vulnerability. The code demonstrates memory mapping and kernel structure manipulation to achieve privilege escalation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Windows 11 24h2 x64

No auth needed

Prerequisites: Access to the target system · Vulnerable Windows 11 24h2 x64 kernel

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548 - Abuse Elevation Control Mechanism

devstral-2 · analyzed Apr 10, 2026 Full analysis →

nomisec WORKING POC

by S1lkys · poc

https://github.com/S1lkys/Eneio64-LPE

View Code ZIP pw:eip

This repository contains a functional local privilege escalation (LPE) exploit for CVE-2020-12446. The exploit leverages a vulnerable driver to map physical memory into userspace, leaks the System EPROCESS address via handle table enumeration, and patches the current process token to achieve SYSTEM privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Windows 11 21H2 (likely other versions)

Auth required

Prerequisites: Vulnerable driver access · Local user privileges

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548 - Abuse Elevation Control Mechanism

devstral-2 · analyzed Mar 02, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory x_refsource_misc

https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-003.md

View Writeup ZIP pw:eip

Scores

CVSS v3 7.8

EPSS 0.0050

EPSS Percentile 38.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (1)

gskill/trident_z_lighting_control < 1.00.08

Published Apr 29, 2020

Tracked Since Feb 18, 2026