CVE-2020-9014

In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial of service (BSOD) via crafted input to the virtual audio device driver with IOCTL 0x9C402402, 0x9C402406, or 0x9C40240A. \Device\EMPNSAUIO and \DosDevices\EMPNSAU are similarly affected.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
VendorProductVersion
epsoniprojection
𝑥
≤ 2.30
𝑥
= Vulnerable software versions
References
https://epson.com/Support/wa00935
https://epson.com/wireless-projector-app
https://github.com/FULLSHADE/Kernel-exploits
https://github.com/FULLSHADE/Kernel-exploits/tree/master/EMP_NSAU.sys
https://epson.com/Support/wa00935
https://epson.com/wireless-projector-app
https://github.com/FULLSHADE/Kernel-exploits
https://github.com/FULLSHADE/Kernel-exploits/tree/master/EMP_NSAU.sys