Lucene search

[email protected]CVE-2024-0788

HistoryJan 29, 2024 - 5:15 p.m.

CVE-2024-0788

2024-01-2917:15:09

NVD-CWE-noinfo

CWE-20

[email protected]

web.nvd.nist.gov

cve-2024-0788

nvd

vulnerability

kernel-level

api

manipulation

dos

saskutil64.sys driver

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

Low

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

8.4%

JSON

SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver.

CPENameOperatorVersion
realdefen:superantispywarerealdefen superantispywareeq10.0.1260

CPE	Name	Operator	Version
realdefen:superantispyware	realdefen superantispyware	eq	10.0.1260

References

fluidattacks.com/advisories/brubeck/

www.superantispyware.com/professional-x-edition.html

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

Low

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

8.4%

JSON

Related for CVE-2024-0788

prion1