Lucene search

[email protected]CVE-2020-36603

HistorySep 14, 2022 - 10:15 p.m.

CVE-2020-36603

2022-09-1422:15:11

[email protected]

web.nvd.nist.gov

genshin impact

mhyprot2.sys

anti-cheat driver

cve-2020-36603

vulnerability

windows

nvd

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.6%

JSON

The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be installed by a user with administrative privileges.

Affected configurations

NVD

Node

hoyoversemhyprot2Match1.0.0.0

CPENameOperatorVersion
hoyoverse:mhyprot2hoyoverse mhyprot2eq1.0.0.0

CPE	Name	Operator	Version
hoyoverse:mhyprot2	hoyoverse mhyprot2	eq	1.0.0.0

References

github.com/kagurazakasanae/Mhyprot2DrvControl

github.com/kkent030315/evil-mhyprot-cli

web.archive.org/web/20211204031301/https://www.godeye.club/2021/05/20/001-disclosure-mhyprot.html

www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html

www.vice.com/en/article/y3p35w/hackers-are-using-anti-cheat-in-genshin-impact-to-ransom-victims

Social References

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.6%

JSON

Related for CVE-2020-36603

prion1 cvelist1 nvd1