CVE-2007-5633

Name of the Vulnerable Software and Affected Versions SpeedFan version 4.33

Description The issue allows local users to read or write arbitrary MSRs, gain privileges, and load unsigned drivers via specific IOCTLs to Devicespeedfan. This can be achieved through the IOCTL RDMSR 0x9C402438 and IOCTL WRMSR 0x9C40243C IOCTLs. An example of exploitation is an IOCTL WRMSR action on MSR LSTAR.

Recommendations For SpeedFan version 4.33, consider disabling the IOCTL RDMSR and IOCTL WRMSR functions to minimize the risk of exploitation until a patch is available. Restrict access to the Devicespeedfan device to prevent unauthorized actions.