An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests.
The vulnerability results from improper access control to the IOCTL interface (CWE-782 – Exposed IOCTL with Insufficient Access Control) in the kernel-mode driver ControlCenter.sys / ControlCenter64.sys. An attacker can send specially crafted IOCTL requests directly to the driver without the required permissions. This leads to reading sensitive information from kernel space, executing arbitrary code, or escalating privileges to SYSTEM level. Publicly available proof-of-concept (PoC) on GitHub confirms the exploitability of the vulnerability.
An attacker can gain full control over the victim's operating system, including executing arbitrary code in kernel context, escalating privileges to SYSTEM level, and accessing sensitive data stored in memory.
Apply patches available from the vendor in accordance with the references. Until the update is applied, it is recommended to restrict local access to devices with ThundeRobot Control Center installed and monitor attempts to send non-standard IOCTL requests to the driver.
ThundeRobot Control Center version 2.0.0.10 (ControlCenter.sys and ControlCenter64.sys components)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H