GermanAizek / WinRing0

WinRing0 is a hardware access library for Windows.
GNU General Public License v3.0

Handle the CVE, regarding Avast/AVG detections #9

Open PatrickSchmidtSE opened 1 year ago

PatrickSchmidtSE commented 1 year ago

Currently all WinRing0 drivers have an open CVE.

https://github.com/LibreHardwareMonitor/LibreHardwareMonitor/issues/984
https://www.cvedetails.com/cve/CVE-2020-14979/

Is this something that could be addressed here?

GermanAizek commented 1 year ago

@SearchForTheCode, I didn't know about this, thank you so much for the information, I'll try to find out if there is this CVE in our sources. Is there no public POC exploit?

PatrickSchmidtSE commented 1 year ago

You're welcome. To me the problem seems to lie in the access, which should use the secure methods. Also, here (https://github.com/LibreHardwareMonitor/LibreHardwareMonitor/issues/984) they suggest changing `_PHYSICAL_MEMORY_SUPPORT`.

They did not do it, because you probably need to sign the driver anew, and this seems to be complicated :/

There is an article from 2019 on how to exploit it, because HP used the driver on ALL notebooks: https://www.safebreach.com/resources/hp-touchpoint-analytics-dll-search-order-hijacking-potential-abuses-cve-2019-6333/

GermanAizek commented 1 year ago

@SearchForTheCode, to sign the driver, an EV certificate is required; it is unlikely that I will be able to get it, since I am not a legal entity. But I am able to fix this CVE.

PatrickSchmidtSE commented 1 year ago

Yes, that's sadly true. Hard restrictions from MS here.