CVE-2018-6522

Name of the Vulnerable Software and Affected Versions nProtect AVS V4.0 versions prior to 4.0.0.39

Description The issue allows local users to cause a denial of service, potentially resulting in a Blue Screen of Death (BSOD), due to the driver file TKRgFtXp.SYS not validating input values from the IOCtl 0x220408. This could possibly have other unspecified impacts.

Recommendations For nProtect AVS V4.0 versions prior to 4.0.0.39, update to version 4.0.0.39 or later to resolve the issue. As a temporary workaround, consider restricting access to the TKRgFtXp.SYS driver file to minimize the risk of exploitation.