Dell · dbutil_2_3.sys · CVE-2021-21551
**Name of the Vulnerable Software and Affected Versions**
Dell dbutil_2_3.sys driver (affected versions not specified)
**Description**
The Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability, which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. This issue has been exploited by the Lazarus group in an espionage campaign, in which they used a technique called Bring Your Own Vulnerable Driver (BYOVD): installing a legitimate but vulnerable driver on the victim's device. The vulnerability was then exploited to read and write kernel memory, allowing the attackers to disable security monitoring and execute commands with kernel-level privileges. The campaign targeted individuals in the aerospace industry in the Netherlands and political journalists in Belgium.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
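
With no fixed version listed here, one practical check is to look for the driver being installed or loaded. The following is an added example, not part of the original entry: it scans Windows events (Sysmon Event ID 6 driver loads and Service Control Manager Event ID 7045 kernel-driver installs) for `dbutil_2_3.sys`. The event dictionaries, host names and paths are constructed for illustration, and the function names are hypothetical.

```python
import ntpath

# Driver file name from this entry (CVE-2021-21551). Matching on name alone
# misses renamed copies; hash matching needs values this page does not list.
VULNERABLE_DRIVER = "dbutil_2_3.sys"

def normalize(path):
    """Lower-case a Windows path, drop quotes and any NT path prefix."""
    p = path.strip().strip('"').replace("/", "\\").lower()
    for prefix in ("\\??\\", "\\\\?\\"):
        if p.startswith(prefix):
            p = p[len(prefix):]
    return p

def driver_path(event):
    """Return the driver path carried by an event, or None if not driver-related."""
    eid = event.get("EventID")
    if eid == 6:  # Sysmon: driver loaded
        return event.get("ImageLoaded")
    if eid == 7045 and event.get("ServiceType", "").lower() == "kernel mode driver":
        return event.get("ImagePath")  # Service Control Manager: service installed
    return None

def find_vulnerable_driver_activity(events):
    """List installs and loads of the vulnerable driver, in input order."""
    findings = []
    for ev in events:
        raw = driver_path(ev)
        if not raw:
            continue
        path = normalize(raw)
        if ntpath.basename(path) == VULNERABLE_DRIVER:
            action = "loaded" if ev["EventID"] == 6 else "installed"
            findings.append((ev.get("Computer"), action, path))
    return findings

# Constructed sample events (hosts and paths are made up for illustration).
SAMPLE_EVENTS = [
    {"EventID": 7045, "Computer": "ws-014", "ServiceType": "kernel mode driver",
     "ImagePath": "\\??\\C:\\Windows\\Temp\\DBUtil_2_3.Sys"},
    {"EventID": 6, "Computer": "ws-014", "ImageLoaded": "C:\\Windows\\Temp\\dbutil_2_3.sys"},
    {"EventID": 6, "Computer": "ws-020", "ImageLoaded": "C:\\Windows\\System32\\drivers\\tcpip.sys"},
    {"EventID": 7045, "Computer": "ws-031", "ServiceType": "user mode service",
     "ImagePath": "C:\\Program Files\\Example\\dbutil_2_3.sys"},
]

if __name__ == "__main__":
    for host, action, path in find_vulnerable_driver_activity(SAMPLE_EVENTS):
        print(f"{host}: {VULNERABLE_DRIVER} {action} from {path}")
```

A hit from this check means the driver is present and active on that host, not that it was abused; it marks where to look for the kernel-level tampering described above.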