CVE-2018-6523

Name of the Vulnerable Software and Affected Versions nProtect AVS V4.0 versions prior to 4.0.0.39

Description The issue allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x22045c. This occurs due to a flaw in the driver file TKFsAv.SYS.

Recommendations For nProtect AVS V4.0 versions prior to 4.0.0.39, update to version 4.0.0.39 or later to resolve the issue. As a temporary workaround, consider restricting access to the TKFsAv.SYS driver file to minimize the risk of exploitation.