PT-2020-14087 · Microsoft · Windows Cleaning Assistant

Published

2020-06-30

Updated

2020-07-07

CVE-2020-14957

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windows cleaning assistant version 3.2

Description The issue allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x223CCD in the driver file AtpKrnl.sys.

Recommendations For Windows cleaning assistant version 3.2, consider restricting access to the AtpKrnl.sys driver file to minimize the risk of exploitation until a patch is available.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2020-14957

Affected Products

Windows Cleaning Assistant

PT-2020-14087 · Microsoft · Windows Cleaning Assistant

CVE-2020-14957

Weakness Enumeration

Related Identifiers

Affected Products

References · 5