CVE-2018-16720

Name of the Vulnerable Software and Affected Versions: Jingyun Antivirus version 2.4.2.39

Description: The issue allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. This is because the driver file ZySandbox.sys does not validate input values from IOCtl 0x1236001c.

Recommendations: For Jingyun Antivirus version 2.4.2.39, consider updating the driver file ZySandbox.sys to a version that properly validates input values from IOCtl 0x1236001c to prevent the denial of service or other potential impacts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.