PT-2019-1397 · Wibu Systems · Wibukey.Sys

Published

2019-01-28

Updated

2022-04-19

CVE-2018-3989

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions WibuKey.sys version 6.40 (Build 2400)

Description A kernel memory disclosure issue exists in the 0x8200E804 IOCTL handler functionality. This is due to insufficient input validation, allowing an attacker to send a specially crafted IRP request and cause the driver to return uninitialized memory. As a result, this can lead to kernel memory disclosure.

Recommendations For WibuKey.sys version 6.40 (Build 2400), consider disabling the 0x8200E804 IOCTL handler functionality until a patch is available to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of Uninitialized Resource

Buffer Overflow

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908CWE-119CWE-200

Related Identifiers

BDU:2019-00769

BDU:2019-00770

BDU:2019-00771

CVE-2018-3989

Affected Products

Wibukey.Sys

PT-2019-1397 · Wibu Systems · Wibukey.Sys

CVE-2018-3989

Weakness Enumeration

Related Identifiers

Affected Products

References · 11