Doublelabyrinth

**Name of the Vulnerable Software and Affected Versions** Shanda MapleStory Online version V160 **Description** The issue arises from the SdoKeyCrypt.sys driver, which fails to validate the IOCtl 0x8000c01c input value. This oversight leads to an integer signedness error and a heap-based buffer underflow, ultimately allowing privilege escalation to NT AUTHORITYSYSTEM. **Recommendations** For Shanda MapleStory Online version V160, consider disabling the SdoKeyCrypt.sys driver as a temporary workaround until a patch is available. Restrict access to the IOCtl 0x8000c01c to minimize the risk of exploitation.