Signalrgb Kernel Driver
Monthly
Local denial-of-service in the SignalRGB kernel driver (versions prior to 1.3.7.0) allows any process able to open a handle to the driver to crash the Windows kernel by sending an IOCTL with an empty input buffer. Seven of thirteen IOCTL handlers dereference the SystemBuffer pointer without a NULL check, producing a bugcheck (BSOD). No public exploit identified at time of analysis, EPSS is 0.14%, and a vendor patch is available.
Overly permissive access control on the SignalRGB kernel driver's device object exposes privileged IOCTL operations to any authenticated local user on Windows systems running versions prior to 1.3.7.0. The root cause is that the `\\.\SignalIo` device object is created without an explicit SDDL security descriptor and without the `FILE_DEVICE_SECURE_OPEN` flag, causing Windows to apply insecure default access controls. No public exploit or active exploitation has been identified at time of analysis; the EPSS score of 0.13% at the 3rd percentile reflects very low observed exploitation probability.
Local denial-of-service in the SignalRGB kernel driver (versions prior to 1.3.7.0) allows any process able to open a handle to the driver to crash the Windows kernel by sending an IOCTL with an empty input buffer. Seven of thirteen IOCTL handlers dereference the SystemBuffer pointer without a NULL check, producing a bugcheck (BSOD). No public exploit identified at time of analysis, EPSS is 0.14%, and a vendor patch is available.
Overly permissive access control on the SignalRGB kernel driver's device object exposes privileged IOCTL operations to any authenticated local user on Windows systems running versions prior to 1.3.7.0. The root cause is that the `\\.\SignalIo` device object is created without an explicit SDDL security descriptor and without the `FILE_DEVICE_SECURE_OPEN` flag, causing Windows to apply insecure default access controls. No public exploit or active exploitation has been identified at time of analysis; the EPSS score of 0.13% at the 3rd percentile reflects very low observed exploitation probability.