Takahiro Haruyama

**Nome do software vulnerável e versões afetadas** Versões do cg6kwin2k.sys anteriores à 2.1.7.0 **Descrição** O problema está relacionado a um IOCTL exposto com controle de acesso insuficiente no driver cg6kwin2k.sys. Isso permite que um usuário sem privilégios de administrador envie uma solicitação IOCTL específica e execute E/S em portas de hardware ou endereços físicos arbitrários, resultando potencialmente no apagamento ou alteração do firmware. **Recomendações** Para versões anteriores à 2.1.7.0, atualize para a versão 2.1.7.0 ou posterior para proteger o sistema. Como solução alternativa temporária, considere restringir o acesso ao manipulador IOCTL para minimizar o risco de exploração.

**Name of the Vulnerable Software and Affected Versions** AMD Radeon Graphics driver (affected versions not specified) **Description** The issue is related to improper privilege management in the AMD Radeon Graphics driver, which may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses, resulting in potential arbitrary code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WinFlash Driver versions prior to 4.5.0.0 TdkLib64.sys (affected versions not specified) **Description** The issue is related to insufficient access control in the Phoenix WinFlash Driver on Windows, allowing privilege escalation and modification of system firmware. This is due to exposed IOCTL with insufficient access control. The vulnerability may allow an attacker to read, modify, or delete data. **Recommendations** For WinFlash Driver versions prior to 4.5.0.0, update to version 4.5.0.0 or later to resolve the issue. For TdkLib64.sys, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle Fusion Middleware versions 8.3.7 through 8.4.1 Exchange Server 2007 Exchange Server 2010 Exchange Server 2013 **Description** The issue allows attackers to affect availability or execute remote code, depending on the context. For Exchange Server, the vulnerability could allow remote code execution as the LocalService account if a user views a specially crafted file through Outlook Web Access in a browser. The LocalService account has minimum privileges on the local computer and presents anonymous credentials on the network. **Recommendations** For Oracle Fusion Middleware versions 8.3.7 through 8.4.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Exchange Server 2007, consider disabling the WebReady Document Viewing feature until a patch is available. For Exchange Server 2010, consider disabling the WebReady Document Viewing feature until a patch is available. For Exchange Server 2013, consider disabling the WebReady Document Viewing feature until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Oracle Fusion Middleware versions 8.3.7 through 8.4.1 Exchange Server 2013 (affected versions not specified) **Description** The issue affects the availability of the system. In the case of Exchange Server 2013, the vulnerability is related to the Data Loss Protection (DLP) feature and can cause the server to become unresponsive when a user views a specially crafted file through Outlook Web Access in a browser. For Oracle Fusion Middleware, the vulnerability is related to the Outside In Technology component, specifically Outside In Filters. **Recommendations** For Oracle Fusion Middleware versions 8.3.7 through 8.4.1, update to a version that addresses the issue. For Exchange Server 2013, avoid viewing specially crafted files through Outlook Web Access in a browser until a fix is available. As a temporary workaround, consider restricting access to the DLP feature in Exchange Server 2013 to minimize the risk of exploitation.