Dungnm

**Name of the Vulnerable Software and Affected Versions** Realtek rtl81xx SDK Wi-Fi Driver (affected versions not specified) **Description** This issue allows local attackers to escalate privileges on affected installations of Realtek rtl81xx SDK Wi-Fi driver. An attacker must first obtain the ability to execute low-privileged code on the target system to exploit this flaw. The vulnerability exists within the `MgntActSet TEREDO SET RS PACKET` function due to insufficient validation of user-supplied data length before copying it into a fixed-length heap-based buffer, potentially leading to arbitrary code execution in the context of SYSTEM. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Realtek RTL8811AU drivers (affected versions not specified) **Description** The Realtek RTL8811AU driver contains a heap-based buffer overflow in the `N6CSet DOT11 CIPHER DEFAULT KEY` function. This flaw occurs due to insufficient validation of user-supplied data length before copying it into a fixed-size heap buffer. Successful exploitation allows a local attacker to escalate privileges and execute arbitrary code with SYSTEM-level privileges. Exploitation requires the attacker to first have the ability to execute code on the target system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Realtek rtl81xx SDK Wi-Fi Driver rtwlanu (affected versions not specified) **Description** This issue allows local attackers to escalate privileges on affected installations of Realtek rtl81xx SDK Wi-Fi driver. An attacker must first obtain the ability to execute low-privileged code on the target system to exploit this flaw. The vulnerability exists within the `N6CSet DOT11 CIPHER DEFAULT KEY` function due to insufficient validation of user-supplied data length before copying it to a fixed-length heap-based buffer, potentially leading to arbitrary code execution in the context of SYSTEM. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Realtek RTL8811AU drivers (affected versions not specified) **Description** A flaw exists within the `N6CQueryInformationHandleCustomized11nOids` function in Realtek RTL8811AU drivers. The issue is due to insufficient validation of user-supplied data, leading to a read past the end of an allocated buffer. This can allow local attackers to disclose sensitive information. An attacker must first obtain the ability to execute low-privileged code on the target system to exploit this issue. Exploitation of this vulnerability, in conjunction with other vulnerabilities, may lead to arbitrary code execution in the kernel context. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Realtek rtl81xx SDK Wi-Fi Driver rtwlanu (affected versions not specified) **Description** This issue allows local attackers to escalate privileges on affected installations of Realtek rtl81xx SDK Wi-Fi driver. An attacker must first obtain the ability to execute low-privileged code on the target system to exploit this flaw. The vulnerability exists within the `N6CSet DOT11 CIPHER DEFAULT KEY` function due to insufficient validation of user-supplied data length before copying it to a fixed-length heap-based buffer, potentially leading to arbitrary code execution in the context of SYSTEM. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Ancillary Function Driver for WinSock (affected versions not specified) Description: A use after free issue exists in the Windows Ancillary Function Driver for WinSock that could allow an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Ancillary Function Driver for WinSock (affected versions not specified) Description: A null pointer dereference exists in the Windows Ancillary Function Driver for WinSock. This issue allows an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.