PT-2026-38641

Name of the Vulnerable Software and Affected Versions AsusPTPFilter affected versions not specified Description An exposed IOCTL Input/Output Control with insufficient access control allows a local user to bypass driver security mechanisms. This can lead to the unauthorized acquisition of...

PT-2026-7292

Name of the Vulnerable Software and Affected Versions Intel Ethernet Connection E825-C firmware versions prior to 3.84 Description An issue exists due to insufficient access control in the firmware of certain Intel Ethernet Connection E825-C devices. A system software adversary with privileged us...

CVE-2025-47761

An Exposed IOCTL with Insufficient Access Control vulnerability CWE-782 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would requi...

CVE-2025-47761

An Exposed IOCTL with Insufficient Access Control vulnerability CWE-782 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would requi...

CVE-2025-47761

An Exposed IOCTL with Insufficient Access Control vulnerability CWE-782 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would requi...

CVE-2025-47761

Fortinet FortiClientWindows is affected by a local Exposed IOCTL with Insufficient Access Control vulnerability (CWE-782) via the fortips driver. Affected versions: 7.2.0–7.2.9 and 7.4.0–7.4.3. An authenticated local user could execute unauthorized code, with exploitation requiring bypass of Wind...

CVE-2025-26125

An exposed ioctl in the IMFForceDelete driver of IObit Malware Fighter v12.1.0 allows attackers to arbitrarily delete files and escalate privileges...

CVE-2025-26125

CVE-2025-26125 affects IObit Malware Fighter (v12.1.0) via an exposed ioctl in the IMFForceDelete driver. The root cause is the IMFForceDelete driver exposing an I/O control that enables arbitrary file deletion and privilege escalation. Impact per sources: local attacker could delete files and el...

PT-2025-11525

Name of the Vulnerable Software and Affected Versions IObit Malware Fighter version 12.1.0 Description An exposed ioctl in the IMFForceDelete driver of IObit Malware Fighter allows attackers to arbitrarily delete files and escalate privileges. Recommendations As a temporary workaround, consider...

CVE-2023-35841

Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0...

CVE-2023-35841

Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0...

CVE-2023-35841

CVE-2023-35841 describes an IOCTL access-control weakness in the Phoenix WinFlash Driver on Windows, enabling privilege escalation and potential modification of system firmware. The issue affects WinFlash Driver versions before 4.5.0.0, via an exposed IOCTL that allows reading/writing to hardware...

CVE-2023-35841 WinFlash Driver Permissions Issue

Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0...

Microsoft Windows 10.0.17763.5458 Privilege Escalation

Exploit Title : EXPLOIT Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability CVE-2024-21338 This module requires Metasploit: https://metasploit.com/download Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High require 'msf/core' class...

CVE-2024-29216

Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By sending a specific IOCTL request, a user without the administrator privilege may perform I/O to arbitrary hardware port or physical address, resulting in erasing or altering the firmware...

GIGABYTE Driver Privilege Escalation

SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ GIGABYTE Drivers Elevation of Privilege Vulnerabilities 1. Advisory Information Title: GIGABYTE Drivers Elevation of Privilege Vulnerabilities Advisory ID: CORE-2018-0007 Advisory URL:...

[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities

Advisory Information Title: FortiClient Antivirus Multiple Vulnerabilities Advisory ID: CORE-2015-0013 Advisory URL: http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities Date published: 2015-09-01 Date of last update: 2015-09-01 Vendors contacted: Fortinet...