“Essentially, this allows attackers to overrun the buffer used by the driver.” “This function copies a string from the user input using ‘strncpy’ with a size parameter that is controlled by the user,” according to SentinelOne’s analysis, released on Tuesday. As the name suggests, IOCTL is a system call for device-specific input/output operations. It carries an 8.8 out of 10 rating on the CVSS scale, making it high-severity.Īccording to researchers, the vulnerability exists in a function inside the driver that accepts data sent from User Mode via Input/Output Control (IOCTL) it does so without validating the size parameter. The bug (CVE-2021-3438) has lurked in systems for 16 years, researchers at SentinelOne said, but was only uncovered this year. If exploited, cyberattackers could bypass security products install programs view, change, encrypt or delete data or create new accounts with more extensive user rights. Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers (also used by Samsung and Xerox), which impacts hundreds of millions of Windows machines.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |