Impact
The SignalRGB kernel driver fails to assign an explicit SDDL security descriptor and does not enable FILE_DEVICE_SECURE_OPEN when creating the \\.\SignalIo device object. This oversight results in an overly permissive default access control list that allows any authenticated local user to obtain a handle to the device and issue privileged IOCTL commands. Consequently, malicious local users can invoke driver‑specific operations that affect hardware settings or potentially execute privileged code on the kernel level.
Affected Systems
SignalRGB kernel driver versions earlier than 1.3.7.0 on Windows operating systems are impacted. The vulnerability is limited to the driver that manages the \\.\SignalIo device under these platforms.
Risk and Exploitability
The EPSS score is below 1% and the vulnerability is not listed in the CISA KEV catalog, indicating a low probability of widespread exploitation. Nevertheless, the flaw can be leveraged by any local authenticated user with no additional prerequisites. The CVSS score of 5.3 indicates moderate severity; if exploited, the attacker could alter hardware configuration or elevate privileges within the local system. The likely attack vector is local, requiring only access to a machine where the vulnerable driver is installed.
OpenCVE Enrichment