CVE-2020-28922

Name of the Vulnerable Software and Affected Versions Devid Espenschied PC Analyser versions through 4.10

Description An issue was discovered that allows low-privilege users to read and write arbitrary physical memory due to the exposure of IOCTL functionality by the PCADRVX64.SYS kernel driver. This could lead to arbitrary Ring-0 code execution and escalation of privileges.

Recommendations For Devid Espenschied PC Analyser versions through 4.10, consider disabling the PCADRVX64.SYS kernel driver as a temporary workaround until a patch is available. Restrict access to the IOCTL functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.