Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an associated symbolic link and an open DACL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
LG Device Manager 后置链接漏洞
Vulnerability Description
LG Device Manager是韩国乐金(LG)公司的一款设备管理器。LHA.sys driver是其中的一个LHA.sys驱动程序。 LG Device Manager中的LHA.sys驱动程序1.1.1811.2101之前版本存在安全漏洞,该漏洞源于设备对象带有相关联的符号链接和开放的DACL。攻击者可借助特制的IOCTL请求利用该漏洞读取并写入任意的物理内存。
CVSS Information
N/A
Vulnerability Type
N/A