Name of the Vulnerable Software and Affected Versions Secret Net and Secret Net Studio (affected versions not specified)

Description The issue is related to a kernel driver, specifically sncc0.sys, used in Secret Net and Secret Net Studio systems. It allows for the potential disclosure of information and manipulation of internal objects, such as the list of active protection components, from any user application. An attacker, acting locally, could exploit this to disrupt the proper functioning of the information protection system. This could potentially bypass some protection components by sending control commands to the driver from an application with "Local System" privileges and the filename "SnSrv", provided that no other connections to the driver are open at that moment.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.