2 matches found
CVE-2020-13522
CVE-2020-13522 affects SoftPerfect RAM Disk 4.1, specifically the spvve.sys driver. A vulnerable device object (Device\SoftPerfectVolume) can be targeted by an unprivileged user via a crafted IRP (IOCTL 0x222004) to perform arbitrary file deletion on the system. Talos confirms affected versions a...
CVE-2020-13523
CVE-2020-13523 affects SoftPerfect RAM Disk 4.1, driver spvve.sys. Talos confirms a local-information-disclosure vulnerability: a specially crafted IRP to Device\SoftPerfectVolume can leak kernel pool memory addresses, enabling information exposure. Affected version is SoftPerfect RAM Disk 4.1; t...