Login Sign Up

CVE-2021-47786

7.5 HIGH
Denial of Service

📋 TL;DR

This vulnerability in Redragon Gaming Mouse drivers allows attackers to cause a kernel-level denial of service by sending specially crafted IOCTL requests. Attackers can crash the driver with a 2000-byte buffer containing specific byte patterns, potentially causing system instability or crashes. Users of affected Redragon gaming mice with the vulnerable driver installed are at risk.

💻 Affected Systems

Products:
  • Redragon Gaming Mouse devices with vulnerable driver
Versions: All versions prior to patch (specific version unknown)
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the REDRAGON_MOUSE driver to be installed and active. Gaming mice from other manufacturers are not affected.

📦 What is this software?

Bm 4091 Firmware by Redragon

View all CVEs affecting Bm 4091 Firmware →

M602 Ks Firmware by Redragon

View all CVEs affecting M602 Ks Firmware →

M602a Rgb Firmware by Redragon

View all CVEs affecting M602a Rgb Firmware →

M602aw Rgb Firmware by Redragon

View all CVEs affecting M602aw Rgb Firmware →

M617 Lit Firmware by Redragon

View all CVEs affecting M617 Lit Firmware →

M712 Rgb Firmware by Redragon

View all CVEs affecting M712 Rgb Firmware →

M721 Firmware by Redragon

View all CVEs affecting M721 Firmware →

M725 Lit Firmware by Redragon

View all CVEs affecting M725 Lit Firmware →

M801p Rgb Firmware by Redragon

View all CVEs affecting M801p Rgb Firmware →

M816 Pro Firmware by Redragon

View all CVEs affecting M816 Pro Firmware →

M910 K Firmware by Redragon

View all CVEs affecting M910 K Firmware →

M910 Ks Firmware by Redragon

View all CVEs affecting M910 Ks Firmware →

M914w Rgb Firmware by Redragon

View all CVEs affecting M914w Rgb Firmware →

M915rgb Wl Firmware by Redragon

View all CVEs affecting M915rgb Wl Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash or blue screen requiring reboot, potentially leading to data loss or system instability.

🟠

Likely Case

Local denial of service affecting mouse functionality and potentially causing system instability until reboot.

🟢

If Mitigated

Minimal impact with proper access controls preventing unauthorized users from sending IOCTL requests.

🌐 Internet-Facing: LOW - Requires local access or ability to send IOCTL requests to the device driver.
🏢 Internal Only: MEDIUM - Local attackers or malicious software could exploit this to cause system instability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires local access to send IOCTL requests. Public proof-of-concept code is available on Exploit-DB and GitHub.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.redragonzone.com/

Restart Required: Yes

Instructions:

1. Check Redragon website for driver updates
2. Download and install latest driver
3. Restart system
4. Verify driver version is updated

🔧 Temporary Workarounds

Restrict driver access

windows

Modify permissions to prevent unauthorized users from accessing the REDRAGON_MOUSE device

Uninstall vulnerable driver

windows

Remove the Redragon mouse driver and use generic HID drivers instead

Control Panel > Device Manager > Mice and other pointing devices > Right-click Redragon device > Uninstall device

🧯 If You Can't Patch

  • Implement strict access controls to prevent unauthorized users from sending IOCTL requests
  • Monitor for unusual driver crashes or system instability events

🔍 How to Verify

Check if Vulnerable:

Check if REDRAGON_MOUSE device exists in Device Manager and driver version is outdated

Check Version:

Driver version can be checked in Device Manager > Properties > Driver tab

Verify Fix Applied:

Verify latest driver version from Redragon website is installed and device functions normally

📡 Detection & Monitoring

Log Indicators:

  • System crashes (Event ID 41)
  • Driver failure events
  • Unexpected system reboots

Network Indicators:

  • Local IOCTL requests to REDRAGON_MOUSE device

SIEM Query:

EventID=41 OR (Source="System" AND EventID=7031) AND Description contains "REDRAGON"

📊 Metadata

CVE ID: CVE-2021-47786
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-787
EPSS Score: 0.03% exploit probability (8.4th percentile)
Published: January 16, 2026
Last Updated: February 9, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-47786, you might also want to check these:

CVE-2019-5684 10.0

This vulnerability in NVIDIA Windows GPU Display Drivers allows specially crafted DirectX shaders to...

Same vulnerability type (CWE-787)
CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2019-5049 10.0

This vulnerability allows an attacker to execute arbitrary code on systems with vulnerable AMD graph...

Same vulnerability type (CWE-787)