Nil Hardware Editor Hardware Read & Write Utility Arbitrary Read/Write Vulnerability in HwRwDrv.sys

A vulnerability in the HwRwDrv.sys component of Nil Hardware Editor Hardware Read & Write Utility, version 1.25.11.26 and earlier, allows attackers to perform arbitrary read and write operations. This is achieved through a crafted request, exploiting the driver's capability to manipulate Model Specific Registers (MSRs) and physical memory, both of which can lead to unauthorized execution of kernel-level code.

Impact

Exploitation of this vulnerability could result in unauthorized kernel code execution, potentially allowing an attacker to gain elevated privileges on the system.

Reproduction

To reproduce this vulnerability, place the vulnerable driver in the 'C:\Users\Public' directory. Then, run the exploit as an Administrator. The proof-of-concept (PoC) included in the GitHub repository demonstrates the vulnerability by swapping the primary token of the current process to gain 'NT Authority\SYSTEM' privileges.