CVE-2022-42046

Name of the Vulnerable Software and Affected Versions WFS, Inc HeavenBurnsRed version 2020.3.15.7141260

Description The issue allows for local privilege escalation through specially crafted IOCTL requests to wfshbr64.sys and wfshbr32.sys drivers. This can enable an arbitrary user to gain elevated privileges. The estimated number of potentially affected devices and details about real-world incidents where this issue was exploited are not provided.

Recommendations For WFS, Inc HeavenBurnsRed version 2020.3.15.7141260, consider updating to a newer version that uses ObRegisterCallbacks instead of PPL to mitigate the risk of local privilege escalation. As a temporary workaround, consider restricting access to the wfshbr64.sys and wfshbr32.sys drivers until a patch is available. Avoid using the vulnerable IOCTL requests to the wfshbr64.sys and wfshbr32.sys drivers until the issue is resolved.