Vulnerability Details : CVE-2020-22057
The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC version v6.2.7 were discovered to be configured with the default security descriptor which allows attackers to access sensitive components and data.
Products affected by CVE-2020-22057
- cpe:2.3:a:evga:precision_xoc:6.2.7:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-22057
0.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 61 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-22057
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:P |
10.0
|
4.9
|
NIST | |
9.1
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
3.9
|
5.2
|
NIST |
References for CVE-2020-22057
-
https://gist.github.com/hfiref0x/859f88bfa8adde49ea16fad7d58e3b37
EVGA PrecisionX OC 6.2.7 wormhole driver ยท GitHubThird Party Advisory
Jump to