PT-2024-19065 · Zemana · Zemana Antilogger
Andres Roldan
·
Published
2024-03-14
·
Updated
2025-01-23
·
CVE-2024-2180
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Zemana AntiLogger version 2.74.204.664
Description
The issue is a Memory Information Leak vulnerability that can be triggered by using the 0x80002020 IOCTL code of the zam64.sys and zamguard64.sys drivers.
Recommendations
For Zemana AntiLogger version 2.74.204.664, consider disabling the vulnerable drivers zam64.sys and zamguard64.sys as a temporary workaround until a patch is available. Avoid triggering the 0x80002020 IOCTL code to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zemana Antilogger