CVE-2019-19820

Published: Dec 16, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

An invalid pointer vulnerability in IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402405 using METHOD_NEITHER results in a read primitive.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://nafiez.github.io/security/vulnerability/2019/12/04/kyrol-internet-security-invalid-pointer-vulnerability.html

x_refsource_MISC

https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-12-04-kyrol-internet-security-invalid-pointer-vulnerability.md

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-19820

Description

Affected Products

References