N/A

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options parameter before copying data into a 40-byte stack buffer (Src[40]) using memmove. An attacker with local access can exploit this vulnerability by sending a crafted IOCTL request with Options > 40, causing a stack buffer overflow that may lead to kernel code execution, local privilege escalation, or denial of service (system crash). Additionally, the same IOCTL handler can leak kernel addresses and other sensitive stack data when reading beyond the buffer boundaries.

N/A

N/A

Wincor Nixdorf wnBios64.sys 安全漏洞

Wincor Nixdorf wnBios64.sys是德国Wincor Nixdorf公司的一个内核驱动程序。 Wincor Nixdorf wnBios64.sys 1.2.0.0版本存在安全漏洞，该漏洞源于代码0x80102058的IOCTL处理程序缺少边界检查，可能导致栈缓冲区溢出、内核代码执行、本地权限提升或拒绝服务。

N/A

N/A