CVE-2023-1486 MEDIUM

CVE-2023-1486: Lespeed WiseCleaner Wise Force Deleter IoControlCode WiseUnlock64.sys 0x220004 access control

Vendor Lespeed
Product WiseCleaner Wise Force Deleter
Weakness CWE-284
Published March 18, 2023
Last update August 2, 2024

CVSS base score

4.4/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372.

Key dates

02Disclosure timeline

March 18, 2023 CVE published
August 2, 2024 Record updated