Описание
HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.98 (включая)
cpe:2.3:a:hwinfo:amd64_kernel_driver:*:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
7.1 High
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 7.1
github
больше 3 лет назад
HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write.
EPSS
Процентиль: 18%
0.00056
Низкий
7.1 High
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-119