CVE-2024-55411

Published: Jan 7, 2025Modified: Jan 8, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue in the snxpcamd.sys component of SUNIX Multi I/O Card v10.1.0.0 allows attackers to perform arbitrary read and write actions via supplying crafted IOCTL requests.

Related CWEs

CWE-732

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (2)

https://github.com/heyheysky/vulnerable-driver/blob/master/CVE-2024-55411/CVE-2024-55411_snxpcamd.sys_README.md

Source: cve@mitre.org

https://www.sunix.com/tw/

Source: cve@mitre.org

Timeline

No history available yet.