CVE-2024-36056

1976-01-0100:00:00

mitre

github.com

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily map physical memory via IOCTL 0x9c406490 (for IoAllocateMdl, MmBuildMdlForNonPagedPool, and MmMapLockedPages), leading to NT AUTHORITY\SYSTEM privilege escalation.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:marvin_test:hw_driver:1.0:*:*:*:*:*:*:*"
    ],
    "vendor": "marvin_test",
    "product": "hw_driver",
    "versions": [
      {
        "status": "affected",
        "version": "1.0",
        "versionType": "custom",
        "lessThanOrEqual": "5.0.4.0"
      }
    ],
    "defaultStatus": "affected"
  }
]