CVE-2018-5701

Опубликовано: 31 янв. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Средний

Описание

In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.

Ссылки

http://packetstormsecurity.com/files/146165/System-Shield-5.0.0.136-Privilege-Escalation.html
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/43929/
Third Party Advisory
VDB Entry
https://www.greyhathacker.net/?p=1006
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/146165/System-Shield-5.0.0.136-Privilege-Escalation.html
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/43929/
Third Party Advisory
VDB Entry
https://www.greyhathacker.net/?p=1006
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:iolo:system_shield:5.0.0.136:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.19659

Средний

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-5pcp-jwf5-3c2g