exploitDog

GHSA-h7v5-c8v4-f6pp

Опубликовано: 10 июн. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

An issue in SiSoftware SANDRA v31.66 (SANDRA.sys 15.18.1.1) and before allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API.

An issue in SiSoftware SANDRA v31.66 (SANDRA.sys 15.18.1.1) and before allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API.

Ссылки

EPSS

Процентиль: 10%

0.00035

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2024-34332

CVSS3: 7.8

nvd

больше 1 года назад

An issue in SiSoftware SANDRA v31.66 (SANDRA.sys 15.18.1.1) and before allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API.

EPSS

Процентиль: 10%

0.00035

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-269