CVE-2024-39251

Name of the Vulnerable Software and Affected Versions ThundeRobot Control Center version 2.0.0.10

Description The issue in the component ControlCenter.sys/ControlCenter64.sys allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests.

Recommendations For ThundeRobot Control Center version 2.0.0.10, consider restricting access to the ControlCenter.sys and ControlCenter64.sys components to minimize the risk of exploitation. As a temporary workaround, avoid using the vulnerable component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.