Описание
IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402401 using METHOD_NEITHER results in a read primitive.
Ссылки
- ExploitThird Party Advisory
- https://nafiez.github.io/security/vulnerability/2019/11/16/kyrol-internet-security-driver-issue.htmlExploitThird Party Advisory
- ExploitThird Party Advisory
- https://nafiez.github.io/security/vulnerability/2019/11/16/kyrol-internet-security-driver-issue.htmlExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:kyrolsecuritylabs:kyrol_internet_security:9.0.6.9:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00155
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402401 using METHOD_NEITHER results in a read primitive.
EPSS
Процентиль: 36%
0.00155
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732