CVE-2023-0907

Filseclab Twister Antivirus IoControlCode ffsmon.sys 0x220017 denial of service

CVSS 4.4 MEDIUMEPSS 0.2%CWE-404

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 4.4EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

18 fev 2023Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A vulnerability, which was classified as problematic, has been found in Filseclab Twister Antivirus 8.17. Affected by this issue is the function 0x220017 in the library ffsmon.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221456.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Produtos afetados

Filseclab · Twister Antivirus

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-0907 https://vuldb.com/?ctiid.221456 https://vuldb.com/?id.221456