Lucene search

K
cvelistVulDBCVELIST:CVE-2023-1630
HistoryMar 25, 2023 - 11:31 a.m.

CVE-2023-1630 JiangMin Antivirus IOCTL kvcore.sys 0x222000 denial of service

2023-03-2511:31:03
CWE-404
VulDB
www.cve.org
vulnerability
jiangmin antivirus
16.2.2022.418
ioctl handler
local access

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

A vulnerability, which was classified as problematic, has been found in JiangMin Antivirus 16.2.2022.418. Affected by this issue is the function 0x222000 in the library kvcore.sys of the component IOCTL Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224012.

CNA Affected

[
  {
    "vendor": "JiangMin",
    "product": "Antivirus",
    "versions": [
      {
        "version": "16.2.2022.418",
        "status": "affected"
      }
    ],
    "modules": [
      "IOCTL Handler"
    ]
  }
]

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Related for CVELIST:CVE-2023-1630