// For flags

CVE-2019-15663

 

Severity Score

2.7
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120404 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an out-of-bounds read that can be used as part of a chain to escalate privileges (issue 1 of 2).

Se detectó un problema en Rivet Killer Control Center versiones anteriores a 2.1.1352. Una IOCTL 0x120404 en la biblioteca KfeCo10X64.sys presentó un fallo al comprobar un desplazamiento pasado como un parámetro durante una operación de la memoria, conllevando a una lectura fuera de límites que puede ser usada como parte de una cadena para escalar privilegios (problema 1 de 2).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-08-27 CVE Reserved
  • 2020-03-20 CVE Published
  • 2024-08-05 CVE Updated
  • 2024-12-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-125: Out-of-bounds Read
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Killernetworking
Search vendor "Killernetworking"
 Killer Control Center
Search vendor "Killernetworking" for product "Killer Control Center"
 < 2.1.1352
Search vendor "Killernetworking" for product "Killer Control Center" and version " < 2.1.1352"
-
Affected