Vulnerability Details CVE-2019-7244
An issue was discovered in kerneld.sys in AIDA64 before 5.99. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x80112084 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.5%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 9.0
References
Products affected by CVE-2019-7244
-
cpe:2.3:a:aida64:aida64:-
-
cpe:2.3:a:aida64:aida64:2.00.1700
-
cpe:2.3:a:aida64:aida64:2.20.1800
-
cpe:2.3:a:aida64:aida64:2.30.1900
-
cpe:2.3:a:aida64:aida64:2.50.2000
-
cpe:2.3:a:aida64:aida64:2.60.2100
-
cpe:2.3:a:aida64:aida64:2.70.2200
-
cpe:2.3:a:aida64:aida64:2.80.2300
-
cpe:2.3:a:aida64:aida64:2.85.2400
-
cpe:2.3:a:aida64:aida64:3.00.2500
-
cpe:2.3:a:aida64:aida64:3.20.2600
-
cpe:2.3:a:aida64:aida64:4.00.2700
-
cpe:2.3:a:aida64:aida64:4.20.2800
-
cpe:2.3:a:aida64:aida64:4.30.2900
-
cpe:2.3:a:aida64:aida64:4.50.3000
-
cpe:2.3:a:aida64:aida64:4.60.3100
-
cpe:2.3:a:aida64:aida64:4.70.3200
-
cpe:2.3:a:aida64:aida64:5.00.3300
-
cpe:2.3:a:aida64:aida64:5.20.3400
-
cpe:2.3:a:aida64:aida64:5.30.3500
-
cpe:2.3:a:aida64:aida64:5.50.3600
-
cpe:2.3:a:aida64:aida64:5.60.3700
-
cpe:2.3:a:aida64:aida64:5.70.3800
-
cpe:2.3:a:aida64:aida64:5.75.3900
-
cpe:2.3:a:aida64:aida64:5.80.4000
-
cpe:2.3:a:aida64:aida64:5.90.4200
-
cpe:2.3:a:aida64:aida64:5.92.4300
-
cpe:2.3:a:aida64:aida64:5.95.4500
-
cpe:2.3:a:aida64:aida64:5.97.4600
-
cpe:2.3:a:aida64:aida64:5.98.4800