Local Privilege Escalation Vulnerability in Broadcom LSI Soft Modem Driver
CVE-2023-31096
7.8HIGH
What is CVE-2023-31096?
A vulnerability exists in the Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver that allows an attacker to escalate privileges to the SYSTEM level via a stack overflow condition in RTLCopyMemory. This flaw enables exploitation from a medium-integrity process, which can circumvent kernel-level protections, including antivirus and protected process light (PPL) measures. The elevated privileges gained can be utilized in orchestrated ransomware attacks, particularly through bring-your-own-vulnerable-driver (BYOVD) tactics.