CVE-2023-1489 HIGH

CVE-2023-1489: Lespeed WiseCleaner Wise System Monitor IoControlCode WiseHDInfo64.dll 0x9C402088 access control

Vendor Lespeed
Product WiseCleaner Wise System Monitor
Weakness CWE-284
Published March 18, 2023
Last update August 2, 2024
View on NVD All CVEs

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A vulnerability has been found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54 and classified as critical. Affected by this vulnerability is the function 0x9C402088 in the library WiseHDInfo64.dll of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223375.

Key dates

02Disclosure timeline

March 18, 2023 CVE published
August 2, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2019-9530 The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files CVE-2023-1834 Rockwell Automation Kinetix 5500 Vulnerable to Open Port Exploitation CVE-2024-49842 Improper Access Control in Hypervisor CVE-2025-58714 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2024-21666 Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access customers duplicates list