Main Vulnerability Database Vulnerabilities #VU99974

#VU99974 Improper privilege management in Ballistix MOD Utility - CVE-2021-41285

Published: November 6, 2024

Vulnerability identifier: #VU99974

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber

CVE-ID: CVE-2021-41285

CWE-ID: CWE-269

Exploitation vector: Local access

Exploit availability: The vulnerability is being exploited in the wild

Vulnerable software:
Ballistix MOD Utility

Software vendor:
Micron Technology

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper privilege management within the MODAPI.sys driver component. A local user can send a specially crafted IOCTL request and execute arbitrary code with elevated privileges

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://github.com/VoidSec/Exploit-Development/blob/master/windows/x64/kernel/crucial_Ballistix_MOD_Utility_v.2.0.2.5/crucial_Ballistix_MOD_Utility_v.2.0.2.5_memory_dump_PoC.cpp
https://voidsec.com/crucial-mod-utility-lpe-cve-2021-41285/

#VU99974 Improper privilege management in Ballistix MOD Utility - CVE-2021-41285

Description

Remediation

External links

Please verify you're human