CVE-2019-19197

Name of the Vulnerable Software and Affected Versions Kyrol Internet Security version 9.0.6.9

Description The issue concerns the IOCTL handling in the kyrld.sys driver, allowing an attacker to achieve privilege escalation, denial-of-service, and code execution. This is possible because the IOCTL code 0x9C402401 using METHOD NEITHER results in a read primitive, which can be exploited via usermode.

Recommendations For Kyrol Internet Security version 9.0.6.9, consider disabling the kyrld.sys driver as a temporary workaround until a patch is available. Restrict access to the IOCTL code 0x9C402401 to minimize the risk of exploitation. Avoid using the METHOD NEITHER method in the affected driver until the issue is resolved.