CVE-2018-8061

Name of the Vulnerable Software and Affected Versions: HWiNFO AMD64 Kernel driver version 8.98 and lower

Description: The issue allows an unprivileged user to send an IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write.

Recommendations: For HWiNFO AMD64 Kernel driver version 8.98 and lower, consider restricting access to the IOCTL 0x85FE2608 until a patch is available. As a temporary workaround, limiting the ability of unprivileged users to interact with the device driver may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.