CVE-2024-23439 HIGH

CVE-2024-23439: Vba32 Antivirus v3.36.0 - Arbitrary Memory Read

Vendor Virusblokada
Product Vba32 Antivirus
Weakness CWE-125
Published February 13, 2024
Last update May 19, 2025

CVSS base score

7.1/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

What the vulnerability does

01Description

Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability by triggering the 0x22201B, 0x22201F, 0x222023, 0x222027 ,0x22202B, 0x22202F, 0x22203F, 0x222057 and 0x22205B IOCTL codes of the Vba32m64.sys driver.

Key dates

02Disclosure timeline

February 13, 2024 CVE published
May 19, 2025 Record updated