CVE-2021-41285 in MOD Utilityالمعلومات

الملخص

بحسب MITRE • 04/10/2021

Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapIoSpace function call (mapping physical memory into a virtual address space). Attackers could exploit this issue to achieve local privilege escalation to NT AUTHORITY\SYSTEM.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

حجز

15/09/2021

إفشاء

04/10/2021

الاعتدال

تمت الموافقة

إدخال

VDB-183750

استغلال

تحميل

EPSS

0.00520

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!