CVE-2021-41285 in MOD Utilityinformazioni

Riassunto

di MITRE • 04/10/2021

Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapIoSpace function call (mapping physical memory into a virtual address space). Attackers could exploit this issue to achieve local privilege escalation to NT AUTHORITY\SYSTEM.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Prenotare

15/09/2021

Divulgazione

04/10/2021

Moderazione

accettato

CPE

pronto

Sfruttamento

Scaricare

EPSS

0.00520

KEV

no

Attività

molto basso

Fonti

Might our Artificial Intelligence support you?

Check our Alexa App!