CVE-2020-22057 — CRITICAL (9.1)

Vulnerability Description

The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC version v6.2.7 were discovered to be configured with the default security descriptor which allows attackers to access sensitive components and data.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Evga	Precision Xoc	6.2.7

References

https://gist.github.com/hfiref0x/859f88bfa8adde49ea16fad7d58e3b37Third Party Advisory
https://gist.github.com/hfiref0x/859f88bfa8adde49ea16fad7d58e3b37Third Party Advisory

FAQ

What is CVE-2020-22057?

CVE-2020-22057 is a vulnerability with a CVSS score of 9.1 (CRITICAL). The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC version v6.2.7 were discovered to be configured with the default security descriptor which allows attackers to access sensit...

How severe is CVE-2020-22057?

CVE-2020-22057 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2020-22057?

Check the references section above for vendor advisories and patch information. Affected products include: Evga Precision Xoc.