Main Vulnerability Database SB2021100428

SB2021100428 - Privilege escalation in Ballistix MOD Utility

Published: October 4, 2021 Updated: November 6, 2024

Security Bulletin ID SB2021100428

CSH Severity

High

Patch available

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper privilege management (CVE-ID: CVE-2021-41285)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper privilege management within the MODAPI.sys driver component. A local user can send a specially crafted IOCTL request and execute arbitrary code with elevated privileges

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://github.com/VoidSec/Exploit-Development/blob/master/windows/x64/kernel/crucial_Ballistix_MOD_Utility_v.2.0.2.5/crucial_Ballistix_MOD_Utility_v.2.0.2.5_memory_dump_PoC.cpp
https://voidsec.com/crucial-mod-utility-lpe-cve-2021-41285/