CVE-2020-15479 - Vulnerability Details - OpenCVE

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver's IOCTL request handler attempts to copy the input buffer onto the stack without checking its size and can cause a buffer overflow. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Passmark	Burnintest Osforensics Performancetest

Configuration 1 [-]

OR	cpe:2.3:a:passmark:burnintest::::::::
	cpe:2.3:a:passmark:osforensics::::::::
	cpe:2.3:a:passmark:performancetest::::::::

No data.

References

Link	Providers
https://github.com/eset/vulnerability-disclosures
https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md
https://www.passmark.com/forum/index.php
https://www.passmark.com/support/index.php

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-08-07T20:04:23

Updated: 2024-08-04T13:15:20.701Z

Reserved: 2020-07-01T00:00:00

Link: CVE-2020-15479

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-08-07T21:15:10.473

Modified: 2024-11-21T05:05:35.987

Link: CVE-2020-15479

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver's IOCTL request handler attempts to copy the input buffer onto the stack without checking its size and can cause a buffer overflow. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-07T20:04:23", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/eset/vulnerability-disclosures"}, {"tags": ["x_refsource_MISC"], "url": "https://www.passmark.com/forum/index.php"}, {"tags": ["x_refsource_MISC"], "url": "https://www.passmark.com/support/index.php"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-15479", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver's IOCTL request handler attempts to copy the input buffer onto the stack without checking its size and can cause a buffer overflow. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/eset/vulnerability-disclosures", "refsource": "MISC", "url": "https://github.com/eset/vulnerability-disclosures"}, {"name": "https://www.passmark.com/forum/index.php", "refsource": "MISC", "url": "https://www.passmark.com/forum/index.php"}, {"name": "https://www.passmark.com/support/index.php", "refsource": "MISC", "url": "https://www.passmark.com/support/index.php"}, {"name": "https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md", "refsource": "MISC", "url": "https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:15:20.701Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/eset/vulnerability-disclosures"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.passmark.com/forum/index.php"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.passmark.com/support/index.php"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-15479", "datePublished": "2020-08-07T20:04:23", "dateReserved": "2020-07-01T00:00:00", "dateUpdated": "2024-08-04T13:15:20.701Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:passmark:burnintest:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCFF39A7-3802-4894-8F34-1229377FC16C", "versionEndIncluding": "9.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:passmark:osforensics:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AF580B6-AA3A-4067-A992-9F23909E8990", "versionEndIncluding": "7.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:passmark:performancetest:*:*:*:*:*:*:*:*", "matchCriteriaId": "A037C148-281D-4C87-AFE8-7C692DE81C4B", "versionEndIncluding": "10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver's IOCTL request handler attempts to copy the input buffer onto the stack without checking its size and can cause a buffer overflow. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys."}, {"lang": "es", "value": "Se detect\u00f3 un problema en PassMark BurnInTest versiones hasta 9.1, OSForensics versiones hasta 7.1 y PerformanceTest versiones hasta 10. El manejador de peticiones IOCTL del controlador intenta copiar el b\u00fafer de entrada en la pila sin comprobar su tama\u00f1o y puede causar un desbordamiento del b\u00fafer. Esto podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo Ring-0 arbitraria y una escalada de privilegios. Esto afecta a las bibliotecas DirectIo32.sys y DirectIo64.sys"}], "id": "CVE-2020-15479", "lastModified": "2024-11-21T05:05:35.987", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-08-07T21:15:10.473", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/eset/vulnerability-disclosures"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.passmark.com/forum/index.php"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.passmark.com/support/index.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/eset/vulnerability-disclosures"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.passmark.com/forum/index.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.passmark.com/support/index.php"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}