CVE-2019-16098
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.
El controlador en Micro-Star MSI Afterburner versión 4.6.2.15658 (también se conoce como RTCore64.sys y RTCore32.sys), permite a cualquier usuario autenticado leer y escribir en memoria arbitraria, puertos I/O y MSR. Esto puede ser explotado para una escalada de privilegios, ejecución de código bajo altos privilegios y la divulgación de información. Estos controladores firmados también pueden ser usados para omitir la política de firma de los controladores de Microsoft para implementar código malicioso.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-09-08 CVE Reserved
- 2019-09-11 CVE Published
- 2023-03-08 EPSS Updated
- 2023-09-02 First Exploit
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
- CWE-787: Out-of-bounds Write
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/Barakat/CVE-2019-16098 | 2024-08-05 | |
| https://github.com/0xDivyanshu-new/CVE-2019-16098 | 2023-09-02 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Msi Search vendor "Msi" | Afterburner Search vendor "Msi" for product "Afterburner" | 4.6.2.15658 Search vendor "Msi" for product "Afterburner" and version "4.6.2.15658" | - |
Affected
| ||||||