Name of the Vulnerable Software and Affected Versions Secret Net and Secret Net Studio (affected versions not specified)

Description The issue is related to a kernel driver vulnerability in the sncc0.sys driver, which is part of the Secret Net and Secret Net Studio information protection systems. This vulnerability involves the transmission of pointers from a user-mode application to the kernel driver through an IOCTL input buffer in the Sub 180009D50 function. Exploitation of this issue could allow a local attacker to bypass the driver signature enforcement mechanism (DSE) and elevate privileges from user level to kernel level by running a specially crafted user application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.