CVE-2023-1007

Published: Feb 24, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221740.

Affected (1)

Products: Filseclab: Twister Antivirus

1 product

Twister Antivirus

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Filseclab Twister Antivirus	Version 8.17

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (8)

https://drive.google.com/file/d/1wh20g2Ze4gwCtripe7QeHNXd3bS4aZNG/view?usp=sharing

Source: cna@vuldb.com

Broken Link

https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1007

Source: cna@vuldb.com

ExploitPatchThird Party Advisory

https://vuldb.com/?ctiid.221740

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.221740

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://drive.google.com/file/d/1wh20g2Ze4gwCtripe7QeHNXd3bS4aZNG/view?usp=sharing

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1007

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchThird Party Advisory

https://vuldb.com/?ctiid.221740

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.221740

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

Timeline

No history available yet.