Motorola SM56 Modem WDM Driver Privilege Escalation Vulnerability

A vulnerability in the Motorola SM56 Modem WDM Driver, specifically in the SmSerl64.sys file, version 6.12.23.0, allows low-privileged users to map physical memory through specially crafted IOCTL requests. This vulnerability can be exploited for privilege escalation, leading to code execution with elevated rights and unauthorized information disclosure. Additionally, these signed drivers could potentially bypass the Microsoft driver-signing policy to execute malicious code.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing low-privileged users to execute code with high privileges and access sensitive information.

Reproduction

The vulnerability can be reproduced by sending IOCTL requests to the affected driver. IOCTL codes 0x1B2890 and 0x1B2880 trigger the memory mapping operation, which can be exploited to access physical memory.