SUNIX Serial Driver Privilege Escalation Vulnerability Allowing Arbitrary I/O Port Access

Vulnerability

A vulnerability has been identified in snxpsamd.sys, the driver file of the SUNIX Serial Driver x64 version 10.1.0.0. It allows low-privileged users to read from and write to arbitrary I/O ports by sending specially crafted IOCTL requests. The issue can be exploited for privilege escalation, enabling code execution with elevated rights, and for unauthorized information disclosure. Additionally, because the driver is signed, it could potentially be used to circumvent the Microsoft driver-signing policy and execute malicious code.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing low-privileged users to execute code with high privileges. It also poses a risk of information disclosure.

Reproduction

The vulnerability can be reproduced by sending crafted IOCTL requests to the SUNIX Serial Driver snxpsamd.sys. This can be done using a custom application or script that targets the specific IOCTL codes associated with the vulnerability. The driver must be installed and loaded on the system.
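
Because the issue is only reachable when the driver is installed and loaded, a host inventory check for that precondition is useful. The script below is an added example, not part of the original advisory or SUNIX's own tooling. It assumes the driver is registered as a kernel driver service or sits in the default drivers directory, and it needs PowerShell 5 or later. Only the file name and version come from this page.

```powershell
# Added example: report whether the driver named in this advisory is present or running.
$DriverFile      = 'snxpsamd.sys'        # file name from the advisory
$AffectedVersion = [version]'10.1.0.0'   # only version the advisory names; others are not stated

function Resolve-DriverPath {
    param([string]$PathName)
    # Service image paths may carry NT-style prefixes; map them to a Win32 path.
    $p = $PathName -replace '^\\\?\?\\', ''
    if ($p -match '^\\SystemRoot\\(.+)$') { $p = Join-Path $env:SystemRoot $Matches[1] }
    if ($p -notmatch '^[A-Za-z]:\\')      { $p = Join-Path $env:SystemRoot $p }
    return $p
}

# 1. Kernel driver services whose image is the driver file (installed and possibly loaded).
$found = @{}
Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName -and $_.PathName -like "*\$DriverFile" } |
    ForEach-Object { $found[(Resolve-DriverPath $_.PathName).ToLower()] = $_ }

# 2. A copy left on disk without a registered service (assumed default location).
$default = (Join-Path $env:SystemRoot "System32\drivers\$DriverFile").ToLower()
if ((Test-Path -LiteralPath $default) -and -not $found.ContainsKey($default)) {
    $found[$default] = $null
}

# 3. One row per copy: service state, file version, signer.
$report = foreach ($path in $found.Keys) {
    $svc  = $found[$path]
    $item = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue
    $ver  = $null
    if ($item) {
        $vi  = $item.VersionInfo
        $ver = [version]::new($vi.FileMajorPart, $vi.FileMinorPart,
                              $vi.FileBuildPart, $vi.FilePrivatePart)
    }
    [pscustomobject]@{
        Path            = $path
        Service         = if ($svc) { $svc.Name } else { $null }
        State           = if ($svc) { $svc.State } else { 'no service registered' }
        StartMode       = if ($svc) { $svc.StartMode } else { $null }
        FileVersion     = $ver
        MatchesAdvisory = ($null -ne $ver -and $ver -eq $AffectedVersion)
        Signer          = if ($item) { (Get-AuthenticodeSignature -LiteralPath $path).SignerCertificate.Subject }
    }
}

if ($report) { $report | Format-List }
else { Write-Output "$DriverFile not found as a driver service or in the default drivers directory." }
```

A row with State "Running" and MatchesAdvisory "True" means the reproduction precondition is met on that host. A copy with no registered service is still worth tracking, since it is a signed binary that could be loaded later.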

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.6
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.