EUVD-2020-5769

Malware in sbrugna...

EUVD-2020-5770

Malware in sbrugna...

CVE-2020-13523

An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet IRP can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability...

CVE-2020-13522

An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet IRP can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability...

Vulnerability Spotlight: Two vulnerabilities in SoftPerfect RAM Disk

A Cisco Talos researcher discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos researchers recently discovered that a specific driver in the SoftPerfect RAM disk could allow an adversary to delete files on an arbitrary basis and disclose sensitive information. SoftPerfect RAM Disk is a...

CVE-2020-13522

An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet IRP can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability...

CVE-2020-13522

An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet IRP can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability...

Arbitrary file deletion

An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet IRP can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability...

CVE-2020-13523

An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet IRP can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability...

CVE-2020-13522

CVE-2020-13522 affects SoftPerfect RAM Disk 4.1, specifically the spvve.sys driver. A vulnerable device object (Device\SoftPerfectVolume) can be targeted by an unprivileged user via a crafted IRP (IOCTL 0x222004) to perform arbitrary file deletion on the system. Talos confirms affected versions a...

SoftPerfect RAM Disk spvve.sys 0x222024 information disclosure vulnerability

Talos Vulnerability Report TALOS-2020-1122 SoftPerfect RAM Disk spvve.sys 0x222024 information disclosure vulnerability August 4, 2020 CVE Number CVE-2020-13523 SUMMARY An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially crafted I...

SoftPerfect RAM Disk spvve.sys 0x222004 arbitrary file deletion vulnerability

Talos Vulnerability Report TALOS-2020-1121 SoftPerfect RAM Disk spvve.sys 0x222004 arbitrary file deletion vulnerability August 4, 2020 CVE Number CVE-2020-13522 SUMMARY An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O...