CVE-2021-41285 in MOD Utilityinformación

Resumen

por MITRE • 2021-10-04

Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapIoSpace function call (mapping physical memory into a virtual address space). Attackers could exploit this issue to achieve local privilege escalation to NT AUTHORITY\SYSTEM.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

2021-09-15

Divulgación

2021-10-04

Moderación

aceptado

Artículo

VDB-183750

CPE

listo

Explotación

Descargar

EPSS

0.00520

KEV

no

Actividades

muy bajo

Fuentes

Want to know what is going to be exploited?

We predict KEV entries!