Enviar #833857: DVDFab DVDFab Virtual Drive 2.0.0.5 Local Privilege Escapationinformación

TítuloDVDFab DVDFab Virtual Drive 2.0.0.5 Local Privilege Escapation
DescripciónDVDFab Virtual Drive x.x.x.x ships the signed kernel driver dvdfabio.sys. The driver exposes \\.\DVDFabIO and implements registry proxy IOCTLs that open or create caller-selected native registry paths from kernel context. The returned registry handle is inserted into the caller's process handle table. Because the driver opens the key from kernel mode without enforcing the caller's normal registry access checks, a standard user can obtain a usable handle to protected HKLM keys. In the validation below, a standard user could not directly write to a protected HKLM test key and could not directly query `HKLM\SAM\SAM`; the same user used \\.\DVDFabIO to write the protected test key and to open/query HKLM\SAM\SAM.
Fuente⚠️ https://winslow1984.com/books/cve-collection/page/dvdfab-virtual-drive-kernel-driver-dvdfabiosys-local-privilege-escalation
Usuario
 winslow1984 (UID 79140)
Sumisión2026-05-20 07:07 (hace 2 meses)
Moderación2026-06-14 15:45 (25 days later)
EstadoAceptado
Entrada de VulDB370860 [DVDFab Virtual Drive 2.0.0.5 Signed Kernel Driver dvdfabio.sys escalada de privilegios]
Puntos20

Do you want to use VulDB in your project?

Use the official API to access entries easily!