CVE-2025-51060
CVE-2025-51060 affects CPUID cpuz.sys 1.0.5.4. The advisory describes unvalidated DeviceIoControl IOCTLs (0x9C402440 for RDMSR and 0x9C402444 for WRMSR) that let an attacker read/write MSR_LSTAR and overwrite KiSystemCall64. This enables a kernel-mode ROP chain that disables SMEP by modifying CR4...