PT-2018-18412 · Hwinfo · Hwinfo

Published: 2018-05-10 · Updated: 2018-06-13 · CVE-2018-8060

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: HWiNFO AMD64 Kernel driver version 8.98 and lower
Description: The issue allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic, also known as a Blue Screen. This issue affects IOCTLs higher than 0x85FE2600 with the HWiNFO32 symbolic device name.
Recommendations: For HWiNFO AMD64 Kernel driver version 8.98 and lower, update to a version higher than 8.98 to resolve the issue. As a temporary workaround, consider restricting access to the IOCTLs higher than 0x85FE2600 to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration: NULL Pointer Dereference

Related Identifiers: CVE-2018-8060

Affected Products: Hwinfo