PT-2022-26979 · Callback Technologies · Cbfs Filter
Emmanuel Tacheau · Published 2022-11-28 · Updated 2023-02-07 · CVE-2022-43589
CVSS v3.1: 6.2 (Medium)
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Callback Technologies CBFS Filter version 20.0.8317
Description
A null pointer dereference issue exists in the handle ioctl 8314C functionality. This can be triggered by a specially crafted I/O request packet (IRP), leading to denial of service. An attacker can exploit this by issuing an ioctl.
Recommendations
For version 20.0.8317, consider disabling the handle ioctl 8314C functionality as a temporary workaround until a patch is available. Restrict access to the ioctl functionality to minimize the risk of exploitation.
Weakness Enumeration
NULL Pointer Dereference
Affected Products
Cbfs Filter