PT-2019-1398 · Wibu Systems · Wibukey.Sys
Published
2019-01-28
·
Updated
2022-04-19
·
CVE-2018-3990
CVSS v3.1
9.3
Critical
| Vector | AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WibuKey.sys version 6.40 (Build 2400)
Description
The issue is related to a buffer overflow in the 0x8200E804 IOCTL handler functionality of WibuKey.sys. This can be exploited by sending a specially crafted IRP request, leading to kernel memory corruption and potentially allowing privilege escalation.
Recommendations
For version 6.40 (Build 2400), consider disabling the 0x8200E804 IOCTL handler functionality until a patch is available to prevent potential exploitation. Restrict access to the WibuKey.sys module to minimize the risk of kernel memory corruption. Avoid using specially crafted IRP requests to the 0x8200E804 IOCTL handler until the issue is resolved.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wibukey.Sys