Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
Vulnerability Description
PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of PEAK-System Driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the PCANFD_ADD_FILTERS IOCTL. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-24161.
CVSS Information
N/A
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Vulnerability Title
PEAK-System Driver 安全漏洞
Vulnerability Description
PEAK-System Driver是德国PEAK-System公司的一款驱动程序。 PEAK-System Driver存在安全漏洞,该漏洞源于PCANFD_ADD_FILTERS IOCTL处理不当,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A