Exploiting WRMSR in vulnerable drivers
Source provenance. Raw material catalogued for the wiki ingest pipeline. Lives offline at
raw_sources/windows-exploit-research/Exploiting WRMSR in vulnerable drivers.md.
Status: catalogued
Excerpt
— While researching driver vulnerabilities, I became interested in finding one myself. I came across a driver, from a major chipset vendor, that had an IOCTL handler with the wrmsr instruction. This handler accepted the target MSR address and value from a user-mode application without any sanitization or access control. Although I had only read about this type of vulnerability and its potential…
Likely wiki targets
Pending — this source has not yet been distilled into wiki pages. Future ingest can populate links to the concept / technique / CVE pages this material would inform.
