CVE-2018-19522

Name of the Vulnerable Software and Affected Versions DriverAgent version 2.2015.7.14

Description The issue allows a user to send an IOCTL (0x800020F4) with a buffer containing user-defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for partial input.

Recommendations For DriverAgent version 2.2015.7.14, consider disabling the DrvAgent64.sys driver until a patch is available to prevent potential exploitation. Restrict access to the IOCTL 0x800020F4 to minimize the risk of exploitation. Avoid using user-defined content in the buffer for the wrmsr instruction until the issue is resolved.