CVE-2017-6178

Name of the Vulnerable Software and Affected Versions USBPcap version 1.1.0.0

Description The issue allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference in the IofCallDriver function.

Recommendations For USBPcap version 1.1.0.0, consider restricting access to the IofCallDriver function until a patch is available. Avoid using the 0x00090028 IOCTL call in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.