H0Mbre

**Name of the Vulnerable Software and Affected Versions** FinalWire AIRDA Extreme versions 7.00.6700 and before AIDA64 Engineer versions 7.00.6700 and before AIDA64 Business versions 7.00.6700 and before AIDA64 Network Audit versions 7.00.6700 and before **Description** An issue in the mentioned software allows a local attacker to escalate privileges via the `DeviceIoControl` call associated with components such as `MmMapIoSpace`, `IoAllocateMdl`, `MmBuildMdlForNonPagedPool`, or `MmMapLockedPages`. **Recommendations** For versions 7.00.6700 and before of FinalWire AIRDA Extreme, AIDA64 Engineer, AIDA64 Business, and AIDA64 Network Audit, consider disabling the `DeviceIoControl` call associated with the vulnerable components as a temporary workaround until a patch is available. Restrict access to the `MmMapIoSpace`, `IoAllocateMdl`, `MmBuildMdlForNonPagedPool`, and `MmMapLockedPages` components to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SiSoftware SANDRA versions prior to v31.67 **Description** An issue in SiSoftware SANDRA allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API. **Recommendations** For SiSoftware SANDRA versions prior to v31.67, update to a version newer than v31.66 to resolve the issue. As a temporary workaround, consider restricting access to the Kernel Driver to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MSI Dragon Center version 2.0.104.0 **Description** The issue is related to the MODAPI.sys driver in the MSI Dragon Center software, which allows low-privileged users to access kernel memory. This could potentially enable an attacker to escalate their privileges. The vulnerability can be exploited via a crafted IOCTL 0x9c406104 call, which provides the MmMapIoSpace feature for mapping physical memory. **Recommendations** For MSI Dragon Center version 2.0.104.0, consider disabling the MODAPI.sys driver as a temporary workaround until a patch is available. Restrict access to the IOCTL 0x9c406104 call to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.