Gửi #835611: EaseUS Partition Master Kernel Driver epmntdrv.sys 14.5 Local Privilege Escapationthông tin

tiêu đềEaseUS Partition Master Kernel Driver epmntdrv.sys 14.5 Local Privilege Escapation
Mô tảEaseUS Partition Master installs and loads epmntdrv.sys, which exposes a legacy device path of the form \\.\EPMNTDRV\<disk>. A standard local user can open this device, bind it to a caller-selected physical disk, and issue raw reads and writes through the driver. In the validation below, a standard user at Medium Integrity could not directly read or write an administrator-only flag file on a temporary VHD and could not directly open \\.\PhysicalDrive1. The same user opened \\.\EPMNTDRV\1, read the protected file's NTFS data clusters, then overwrote those same clusters with a marker. Administrator readback from the protected file confirmed the write. An unprivileged user can exploit arbitrary read/write primitives over protected file resources to achieve local privilege escalation.
Nguồn⚠️ https://winslow1984.com/books/cve-collection/page/easeus-partition-master-145-kernel-driver-epmntdrvsys-local-privilege-escalation
Người dùng
 winslow1984 (UID 79140)
Đệ trình22/05/2026 07:35 (cách đây 2 các tháng)
Kiểm duyệt20/06/2026 11:40 (29 days later)
Trạng tháiđược chấp nhận
Mục VulDB372522 [EaseUS Partition Master đến 14.5 Kernel Driver epmntdrv.sys nâng cao đặc quyền]
điểm20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!