CVE-2025-65264

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

CVE-2025-65264

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

CVE-2025-65264

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

EUVD-2025-206386

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

CVE-2025-65264

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

CVE-2025-65264

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

CPUID CPU-Z security vulnerabilities

CPUID CPU-Z is a system hardware information detection tool developed by CPUID Corporation. Versions of CPUID CPU-Z prior to v2.17 contained security vulnerabilities. These vulnerabilities stemmed from the lack of validation by the kernel driver for values provided by users through the IOCTL...

PT-2026-4982

Name of the Vulnerable Software and Affected Versions CPU-Z versions 2.17 and earlier Description The kernel driver of CPUID CPU-Z does not validate user-supplied values passed via its IOCTL interface. This allows an attacker to access sensitive information by sending a crafted request. The...

EUVD-2017-6759

Malware in sbrugna...

CPUID CPU-Z 安全漏洞

CPUID CPU-Z is a system hardware information detection tool from CPUID. A security vulnerability exists in CPUID CPU-Z version 1.0.5.4, which stems from unverified parameters allowing modification of MSRLSTAR and hook KiSystemCall64...

CPUID CPU-Z Arbitrary Read/Write Privilege Elevation Vulnerability

CPUID CPU-Z is a free software package for collecting information about system devices. A security vulnerability exists in versions of CPUID CPU-Z prior to 1.43, which originates from a program that can send ioctl 0x9C402430 calls to the kernel mode driver to exploit the vulnerability by writing ...

Information disclosure

In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver e.g., cpuz143x64.sys for version 1.43 that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604. Any application running on t...

Code injection

In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine while CPU-Z is running can issue an ioctl 0x9C402430 call to the kernel-mode driver e.g., cpuz141x64.sys for version 1.41...

CVE-2017-15303

In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine while CPU-Z is running can issue an ioctl 0x9C402430 call to the kernel-mode driver e.g., cpuz141x64.sys for version 1.41...

CVE-2017-15302

In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver e.g., cpuz143x64.sys for version 1.43 that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604. Any application running on t...

CVE-2017-15303

In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine while CPU-Z is running can issue an ioctl 0x9C402430 call to the kernel-mode driver e.g., cpuz141x64.sys for version 1.41...

CVE-2017-15303

CVE-2017-15303 affects CPUID CPU-Z prior to 1.43. The flaw allows an arbitrary memory write via an ioctl 0x9C402430 to the kernel-mode driver (cpuz141_x64.sys for v1.41), enabling local elevation of privileges on the same host. This is a kernel-space write condition originating from userland inte...

CVE-2017-15302

In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver e.g., cpuz143x64.sys for version 1.43 that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604. Any application running on t...