PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Threat Intel: Attack Vector: Vulnerable Fan Driver (WinRing0x64 sys)

8d1e0d7a-165c-4ba4-bc06-59a8fc8ea705

A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5. This issue affects some unknown processing in the library WinRing0x64.sys. The manipulation leads to improper initialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221807.

Several modern fan-control programs for motherboards are still being shipped with a vulnerable driver

Remediation

Remove the driver.

Install new version of the software that uses this driver.

More information:

https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1048
https://nvd.nist.gov/vuln/detail/cve-2020-14979
https://nvd.nist.gov/vuln/detail/CVE-2023-1048
https://nvd.nist.gov/vuln/detail/CVE-2023-1047
https://github.com/xmrig/xmrig/issues/3573

Mittre Att&ck: T1068, T1543, T1055
Nist 800-53 Rev.5: SI-2, RA-5, SI-7



Tags

threat-intel-desktop threat-intel-server security-desktop security-server cve-desktop-high cve-server-high mitre-att-desktop mitre-att-server nist800-53-desktop nist800-53-server

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.