Описание
Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By sending a specific IOCTL request, a user without the administrator privilege may perform I/O to arbitrary hardware port or physical address, resulting in erasing or altering the firmware.
EPSS
Процентиль: 7%
0.00027
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-522
Связанные уязвимости
CVSS3: 6.1
github
почти 2 года назад
Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By sending a specific IOCTL request, a user without the administrator privilege may perform I/O to arbitrary hardware port or physical address, resulting in erasing or altering the firmware.
EPSS
Процентиль: 7%
0.00027
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-522