CVE-2024-33226

An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.9 CRITICAL
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
9.9 CRITICAL
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Common Weakness Enumeration
References
https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33226
https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33226