CVE-2023-1007

A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221740.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
VulDBCNA
5.3 MEDIUM
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
VendorProductVersion
filseclabtwister_antivirus
8.17
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://drive.google.com/file/d/1wh20g2Ze4gwCtripe7QeHNXd3bS4aZNG/view?usp=sharing
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1007
https://vuldb.com/?ctiid.221740
https://vuldb.com/?id.221740
https://drive.google.com/file/d/1wh20g2Ze4gwCtripe7QeHNXd3bS4aZNG/view?usp=sharing
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1007
https://vuldb.com/?ctiid.221740
https://vuldb.com/?id.221740