CVE-2020-15368

This repository contains a proof-of-concept exploit for CVE-2020-15368, targeting a vulnerable Asrock driver that allows arbitrary kernel code execution. The exploit demonstrates manual mapping of a driver and leveraging the vulnerable IOCTL to execute arbitrary payloads in kernel mode.

This is a proof-of-concept exploit for CVE-2020-15368, targeting ASRock motherboard drivers. The exploit leverages a vulnerability in the driver to achieve local privilege escalation (LPE) by manipulating kernel memory and executing arbitrary code in kernel mode.

KDU is a kernel driver utility that exploits vulnerable drivers to bypass security mechanisms like Driver Signature Enforcement (DSE) and Protected Process Light (PPL). It provides functionality to load unsigned drivers, modify process protections, and dump process memory by leveraging known vulnerable drivers from various vendors.