CVE-2024-55414

Name of the Vulnerable Software and Affected Versions Motorola SM56 Modem WDM Driver version 6.12.23.0

Description A vulnerability exists in the SmSerl64.sys driver, allowing low-privileged users to map physical memory via specially crafted IOCTL requests. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. The signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.

Recommendations For Motorola SM56 Modem WDM Driver version 6.12.23.0, consider disabling the SmSerl64.sys driver until a patch is available to prevent exploitation. Restrict access to the IOCTL requests to minimize the risk of privilege escalation and code execution. Avoid using the driver for critical operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.