CVE-2021-41285 in MOD Utilityinformação

Sumário

de MITRE • 04/10/2021

Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapIoSpace function call (mapping physical memory into a virtual address space). Attackers could exploit this issue to achieve local privilege escalation to NT AUTHORITY\SYSTEM.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

15/09/2021

Divulgação

04/10/2021

Moderação

aceite

Entrada

VDB-183750

CPE

pronto

Exploração

Descarregar

EPSS

0.00520

KEV

não

Atividades

muito baixo

Fontes

Want to stay up to date on a daily basis?

Enable the mail alert feature now!