إرسال #156135: USB for Remote Desktop, ftusbbus2.sys, DoS (edit: download URL)المعلومات

عنوانUSB for Remote Desktop, ftusbbus2.sys, DoS (edit: download URL)
الوصفVersion: USB for Remote Desktop x.x.x.x, ftusbbus2.sys x.x.x.x https://www.fabulatech.com/usb-for-remote-desktop-action.html Impact: Denial of Service Description: From IoControlCode 0x220448, 0x220420, 0x22040c, and 0x220408, a normal user can cause null pointer dereference due to the lack of validating SystemBuffer. Reproduce: In the attached file DoS.zip, there are DoS.exe, DoS.cpp, usb-for-remote-desktop-server-64bit.msi, and ftusbbus2.sys. DoS.exe is the PoC to cause BSOD where usb-for-remote-desktop-server-64bit.msi contains the vulnerable driver ftusbbus2.sys installed, and DoS.cpp is the source code of DoS.exe. To reproduce the issue, install usb-for-remote-desktop-server-64bit.msi and execute DoS.exe. It is expected that the system will crash (BSOD) once DoS.exe is executed. Password for attachment: DoS https://drive.google.com/file/d/1Y8e5f0AjddrozLv155r9cNhkXwwwZbYE/view?usp=sharing
المصدر⚠️ https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned46
المستخدم
 Zeze7w (UID 40823)
ارسال13/05/2023 02:04 PM (3 سنوات منذ)
الاعتدال24/05/2023 07:08 PM (11 days later)
الحالةتمت الموافقة
إدخال VulDB229850 [FabulaTech USB for Remote Desktop 6.1.0.0 IoControlCode 0x220448/0x220420/0x22040c/0x220408 الحرمان من الخدمة]
النقاط20

Want to know what is going to be exploited?

We predict KEV entries!