CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

Unknown threat actors compromised CPUID "cpuid.com", a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident...

CVE-2025-65264

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

CVE-2025-65264

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

CVE-2025-65264

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

CVE-2025-65264

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

EUVD-2025-206386

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

CVE-2025-65264

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request...

CPUID CPU-Z security vulnerabilities

CPUID CPU-Z is a system hardware information detection tool developed by CPUID Corporation. Versions of CPUID CPU-Z prior to v2.17 contained security vulnerabilities. These vulnerabilities stemmed from the lack of validation by the kernel driver for values provided by users through the IOCTL...

CVE-2025-65264

The CVE-2025-65264 affects the CPUID CPU-Z kernel driver (v2.17 and earlier). The IOCTL interface does not validate user-supplied values, enabling a local attacker to access sensitive information via a crafted request. Evidence from multiple sources confirms the vulnerable IOCTL path and affected...

PT-2026-4982

Name of the Vulnerable Software and Affected Versions CPU-Z versions 2.17 and earlier Description The kernel driver of CPUID CPU-Z does not validate user-supplied values passed via its IOCTL interface. This allows an attacker to access sensitive information by sending a crafted request. The...

EUVD-2017-6759

Malware in sbrugna...

CPUID CPU-Z 安全漏洞

CPUID CPU-Z is a system hardware information detection tool from CPUID. A security vulnerability exists in CPUID CPU-Z version 1.0.5.4, which stems from unverified parameters allowing modification of MSRLSTAR and hook KiSystemCall64...

Malicious CPU-Z App Distributed Through Ads on Fake Windows News Site

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A threat actor has been using Google Ads as a platform to distribute a tampered version of the CPU-Z tool. CPU-Z is a widely-used utility that provides information about various hardware components in a...

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers

A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising campaign that targets other utilities like...

Malvertiser copies PC news site to deliver infostealer

The majority of malvertising campaigns delivering malicious utilities that we have tracked so far typically deceive victims with pages that are almost the exact replica of the software vendor being impersonated. For example, we have seen fake websites appearing like the real Webex, AnyDesk or...

VulnCheck KEV: CVE-2017-15302

In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver e.g., cpuz143x64.sys for version 1.43 that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604. Any application running...

VulnCheck KEV: CVE-2017-15303

In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine while CPU-Z is running can issue an ioctl 0x9C402430 call to the kernel-mode driver e.g., cpuz141x64.sys for version 1.41...

CPUID CPU-Z Arbitrary Read/Write Privilege Elevation Vulnerability

CPUID CPU-Z is a free software package for collecting information about system devices. A security vulnerability exists in versions of CPUID CPU-Z prior to 1.43, which originates from a program that can send ioctl 0x9C402430 calls to the kernel mode driver to exploit the vulnerability by writing ...

CVE-2017-15303

In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine while CPU-Z is running can issue an ioctl 0x9C402430 call to the kernel-mode driver e.g., cpuz141x64.sys for version 1.41...

Code injection

In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine while CPU-Z is running can issue an ioctl 0x9C402430 call to the kernel-mode driver e.g., cpuz141x64.sys for version 1.41...