Main
Vulnerability Database
Exploits
ID:9163 - Exploit for Buffer overflow in Wibukey - CVE-2018-3990
ID:9163 - Exploit for Buffer overflow in Wibukey - CVE-2018-3990
Published: June 28, 2023
Vulnerability identifier: #VU16679
Vulnerability risk: Low
CVE-ID: CVE-2018-3990
CWE-ID: CWE-120
Exploitation vector: Local access
Vulnerable software:
Wibukey
Wibukey
Link to public exploit:
Vulnerability description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to buffer overflow in the 0x8200E804 IOCTL handler functionality of WibuKey.sys when handling malicious input. A local attacker can use a specially crafted IRP request, trigger kernel memory corruption and gain elevated privileges.
The weakness exists due to buffer overflow in the 0x8200E804 IOCTL handler functionality of WibuKey.sys when handling malicious input. A local attacker can use a specially crafted IRP request, trigger kernel memory corruption and gain elevated privileges.
Remediation
Update to version 6.50.