제출 #833857: DVDFab DVDFab Virtual Drive 2.0.0.5 Local Privilege Escapation정보

제목DVDFab DVDFab Virtual Drive 2.0.0.5 Local Privilege Escapation
설명DVDFab Virtual Drive x.x.x.x ships the signed kernel driver dvdfabio.sys. The driver exposes \\.\DVDFabIO and implements registry proxy IOCTLs that open or create caller-selected native registry paths from kernel context. The returned registry handle is inserted into the caller's process handle table. Because the driver opens the key from kernel mode without enforcing the caller's normal registry access checks, a standard user can obtain a usable handle to protected HKLM keys. In the validation below, a standard user could not directly write to a protected HKLM test key and could not directly query `HKLM\SAM\SAM`; the same user used \\.\DVDFabIO to write the protected test key and to open/query HKLM\SAM\SAM.
원천⚠️ https://winslow1984.com/books/cve-collection/page/dvdfab-virtual-drive-kernel-driver-dvdfabiosys-local-privilege-escalation
사용자
 winslow1984 (UID 79140)
제출2026. 05. 20. AM 07:07 (2 개월 ago)
모더레이션2026. 06. 14. PM 03:45 (25 days later)
상태수락
VulDB 항목370860 [DVDFab Virtual Drive 2.0.0.5 Signed Kernel Driver dvdfabio.sys 권한 상승]
포인트들20

Might our Artificial Intelligence support you?

Check our Alexa App!