CVE-2023-2871

Name of the Vulnerable Software and Affected Versions FabulaTech USB for Remote Desktop version 6.1.0.0

Description A vulnerability was found in the IoControlCode Handler component of FabulaTech USB for Remote Desktop, affecting the function 0x220448/0x220420/0x22040c/0x220408. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. This issue is related to errors in pointer dereferencing, which can allow an attacker to cause a denial of service.

Recommendations For FabulaTech USB for Remote Desktop version 6.1.0.0, as a temporary workaround, consider disabling the affected function 0x220448/0x220420/0x22040c/0x220408 of the IoControlCode Handler component until a patch is available. Restrict access to the IoControlCode Handler to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.