CVE-2024-1096

Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112067, 0x801120CB 0x801120CC 0x80112044, 0x8011204B, 0x8011204F,0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F,0x80112073, 0x80112077, 0x80112078, 0x8011207Cand 0x80112080IOCTL codes of the fildds.sysdriver.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Fluid AttacksCNA
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
VendorProductVersion
filseclabtwister_antivirus
8.17
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.filseclab.com/en-us/products/twister.htm
https://fluidattacks.com/advisories/holiday/
http://www.filseclab.com/en-us/products/twister.htm
https://fluidattacks.com/advisories/holiday/