CVE-2018-5701
CVE-2018-5701
Vexday Risk Score
28Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Proof of concept
Public proof of concept exists, but not yet automated.
CVSS —EPSS 18.5%KEV nãoPoC públicaNuclei —Metasploit —Patch —
Lifecycle
30 Jan 2018Public PoC
31 Jan 2018Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
Affected products
n/a · n/apublic PoCs found — 4
cve_referencepacketstormsecurity.com/files/146165/System-Shield-5.0.0.136-Privilege-Escalation.htmlunverifiedcve_referencewww.exploit-db.com/exploits/43929/unverifiedexploitdbwww.exploit-db.com/exploits/51044unverifiedexploitdbwww.exploit-db.com/exploits/43929unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.