CVE-2023-1679 MEDIUM

CVE-2023-1679: DriverGenius IOCTL mydrivers64.sys 0x9C40A108 memory corruption

Vendor N/A
Product DriverGenius
Weakness CWE-119
Published March 28, 2023
Last update August 2, 2024

CVSS base score

5.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability classified as critical was found in DriverGenius 9.70.0.346. This vulnerability affects the function 0x9C406104/0x9C40A108 in the library mydrivers64.sys of the component IOCTL Handler. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224236.

Key dates

02Disclosure timeline

March 28, 2023 CVE published
August 2, 2024 Record updated