PT-2017-14796 · Tg Soft · Vir.It Explorer Lite

Published

2017-12-08

Updated

2019-10-03

CVE-2017-17468

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TG Soft Vir.IT eXplorer Lite version 8.5.42

Description The issue allows local users to gain privileges or cause a denial of service through an Arbitrary Write request. This is achieved by sending a DeviceIoControl request of 0x82730020 to the .Viragtlt device.

Recommendations For TG Soft Vir.IT eXplorer Lite version 8.5.42, consider restricting access to the .Viragtlt device to minimize the risk of exploitation. As a temporary workaround, avoid using the DeviceIoControl request of 0x82730020 until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2017-17468

Affected Products

Vir.It Explorer Lite

PT-2017-14796 · Tg Soft · Vir.It Explorer Lite

CVE-2017-17468

Related Identifiers

Affected Products

References · 3