CVE-2019-16098 — HIGH (7.8)

Vulnerability Description

The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Msi	Afterburner	4.6.2.15658

Related Weaknesses (CWE)

CWE-787 CWE-125

References

https://github.com/Barakat/CVE-2019-16098ExploitThird Party Advisory
https://github.com/Barakat/CVE-2019-16098ExploitThird Party Advisory

FAQ

What is CVE-2019-16098?

CVE-2019-16098 is a vulnerability with a CVSS score of 7.8 (HIGH). The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited...

How severe is CVE-2019-16098?

CVE-2019-16098 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-16098?

Check the references section above for vendor advisories and patch information. Affected products include: Msi Afterburner.