CVE-2020-13519

HIGH

NZXT CAM 4.8.0 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-13519. PoCs published by SpiralBL0CK.

AI-analyzed exploit summary This PoC exploits CVE-2020-13519 by writing to the MSR (Model-Specific Register) via the WinRing0 driver, causing a BSOD (Denial of Service). It demonstrates the vulnerability by corrupting the LSTAR MSR, which is used for system call handling.

Description

A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c402088 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. An attacker can send a malicious IRP to trigger this vulnerability.

Exploits (1)

nomisec WORKING POC 4 stars

by SpiralBL0CK · poc

https://github.com/SpiralBL0CK/poc-for-CVE-2020-13519-still-under-construction-

View Code ZIP pw:eip

This PoC exploits CVE-2020-13519 by writing to the MSR (Model-Specific Register) via the WinRing0 driver, causing a BSOD (Denial of Service). It demonstrates the vulnerability by corrupting the LSTAR MSR, which is used for system call handling.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: WinRing0 driver (version 1.2.0)

No auth needed

Prerequisites: WinRing0 driver installed · Local access to the system

MITRE ATT&CK

T1499.004 - Application or System Exploitation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1116

Scores

CVSS v3 8.8

EPSS 0.0057

EPSS Percentile 42.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

CWE

CWE-269 CWE-862

Status published

Products (1)

nzxt/cam 4.8.0

Published Dec 18, 2020

Tracked Since Feb 18, 2026