CVE-2021-41285 in MOD Utilityinformation

Résumé

par MITRE • 04/10/2021

Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapIoSpace function call (mapping physical memory into a virtual address space). Attackers could exploit this issue to achieve local privilege escalation to NT AUTHORITY\SYSTEM.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Réserver

15/09/2021

Divulgation

04/10/2021

Modérer

accepté

Entrée

VDB-183750

CPE

prêt

Exploitation

Télécharger

EPSS

0.00520

KEV

non

Activités

très faible

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!