Design/Logic Flaw

2019-03-1222:29:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.2%

JSON

In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signedness error and a heap-based buffer underflow.

CPENameOperatorVersion
maplestory_onlineeq160.0

CPE	Name	Operator	Version
	maplestory_online	eq	160.0

References

github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation