Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-31096

An issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 (aka AGRSM64.sys). There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM. This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver) ransomware campaigns.

Published

2023-10-10T19:15:09.530

Last Modified

2024-11-21T08:01:24.497

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	broadcom	lsi_pci-sv92ex_firmware	≤ 2.2.100.1	Yes
Hardware	broadcom	lsi_pci-sv92ex	-	No

References

https://cschwarz1.github.io/posts/0x04/ Exploit, Third Party Advisory ([email protected])
https://www.broadcom.com Not Applicable ([email protected])
https://cschwarz1.github.io/posts/0x04/ Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.broadcom.com Not Applicable (af854a3a-2127-422b-91ae-364da2661108)