mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
1.7 KiB
1.7 KiB
CVE-2019-16098
Description
The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.
POC
Reference
Github
- https://github.com/0xDivyanshu-new/CVE-2019-16098
- https://github.com/0xT11/CVE-POC
- https://github.com/474172261/KDU
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Barakat/CVE-2019-16098
- https://github.com/ExpLife0011/awesome-windows-kernel-security-development
- https://github.com/JustaT3ch/Kernel-Snooping
- https://github.com/Ondrik8/exploit
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/gabriellandau/EDRSandblast-GodFault
- https://github.com/h4rmy/KDU
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hfiref0x/KDU
- https://github.com/pravinsrc/NOTES-windows-kernel-links
- https://github.com/sl4v3k/KDU
- https://github.com/vls1729/Kernel-Snooping
- https://github.com/wavestone-cdt/EDRSandblast
- https://github.com/wildangelcult/was
- https://github.com/zeze-zeze/2023iThome
- https://github.com/zeze-zeze/CYBERSEC2023-BYOVD-Demo