CVE-2023-1628 MEDIUM

CVE-2023-1628: Jianming Antivirus IoControlCode kvcore.sys null pointer dereference

Vendor Jianming

Product Antivirus

Weakness CWE-476

Published March 25, 2023

Last update February 19, 2025

View on NVD All CVEs

CVSS base score

5.5/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224010 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

March 25, 2023 CVE published

February 19, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-1628 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/476.html

Related vulnerabilities

CVE-2023-1628: Jianming Antivirus IoControlCode kvcore.sys null pointer dereference

01Description

02Disclosure timeline

03References

04Related CVE