4 matches found
CVE-2024-10972
Velocidex WinPmem (versions 4.1 and earlier) suffers from an Improper Input Validation vulnerability. The root cause is verification only at the start of a routine, enabling a userspace process with admin privileges to change memory page permissions mid-execution, potentially triggering a BSOD vi...
CVE-2024-10972 WinPmem Improper Input Validation vulnerability
Velocidex WinPmem versions 4.1 and below suffer from an Improper Input Validation vulnerability whereby an attacker with admin access can trigger a BSOD with a parallel thread changing the memory’s access right under the control of the user-mode application. This is due to verification only being...
CVE-2024-10972 WinPmem Improper Input Validation vulnerability
Velocidex WinPmem versions 4.1 and below suffer from an Improper Input Validation vulnerability whereby an attacker with admin access can trigger a BSOD with a parallel thread changing the memory’s access right under the control of the user-mode application. This is due to verification only being...
WinPmem 安全漏洞
WinPmem is an open source physical memory acquisition tool from Velocidex. A security vulnerability exists in WinPmem versions prior to 4.1, which stems from an information leak in the inPmem driver. An attacker can exploit the vulnerability to discover the location of the gCiOptions global symbo...