PT-2022-2171 · Kingsoft · Kingsoft Internet Security 9 Plus

Satoshi Tanda

Published

2022-01-06

Updated

2022-03-23

CVE-2022-25949

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions KINGSOFT Internet Security 9 Plus version 2010.06.23.247

Description The issue is related to the kernel mode driver kwatch3, which fails to properly handle crafted inputs. This failure leads to a stack-based buffer overflow. The exploitation of this issue may allow an attacker to execute arbitrary code.

Recommendations For KINGSOFT Internet Security 9 Plus version 2010.06.23.247, consider disabling the kwatch3 driver as a temporary workaround until a patch is available. Restrict access to the kwatch3 driver to minimize the risk of exploitation.

Exploit

Fix

Memory Corruption

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

BDU:2022-02182

CVE-2022-25949

Affected Products

Kingsoft Internet Security 9 Plus

PT-2022-2171 · Kingsoft · Kingsoft Internet Security 9 Plus

CVE-2022-25949

Weakness Enumeration

Related Identifiers

Affected Products

References · 9