Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WinFlash Driver Permissions Issue
Vulnerability Description
Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
PHOENIX CONTACT TdkLib64.sys 安全漏洞
Vulnerability Description
PHOENIX CONTACT TdkLib64.sys是德国菲尼克斯电气(PHOENIX CONTACT)公司的一个核心应用。 PHOENIX CONTACT TdkLib64.sys 存在安全漏洞,该漏洞源于TdkLib64.sys 容易受到 IOCTL 访问控制不足的影响,通过发送特定的 IOCTL 请求,没有产品管理员权限的攻击者可以对任何硬件端口或物理地址执行 I/O,从而导致擦除或更改固件。
CVSS Information
N/A
Vulnerability Type
N/A