
CVE-2015-2291

Published: 09/08/2017 Updated: 24/08/2017
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 726
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

(1) IQVW32.sys prior to 1.3.1.0 and (2) IQVW64.sys prior to 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allow local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

Vulnerable Product

intel ethernet_diagnostics_driver_iqvw32.sys 1.03.0.7

intel ethernet_diagnostics_driver_iqvw64.sys 1.03.0.7

Exploits

/* Intel Network Adapter Diagnostic Driver IOCTL Handling Vulnerability
Vendor: Intel
Product webpage: www.intel.com
Affected product(s):
Network Adapter Driver for Windows XP
Network Adapter Driver for Windows 7
Network Adapter Driver for Windows 8
Network Adapter Driver for Windows 2008/R2
Network Adapter Driver for Windows 2012/R2
A ...

A vulnerability in iqvw32.sys and iqvw64e.sys drivers has been discovered in the Intel Network Adapter Driver. The vulnerability exists due to insufficient input buffer validation when the driver processes IOCTL codes 0x80862013, 0x8086200B, 0x8086200F, 0x80862007 using METHOD_NEITHER and due to insecure permissions allowing everyone read and write ...

Github Repositories

PoC exploit for CVE-2015-2291

Intel-CVE-2015-2291: PoC exploit for CVE-2015-2291. Data-only attack to pop a system shell with the vulnerable Intel driver. The code itself implements more "functionality" provided from the driver, like physical to virtual address translation, mapping physical memory (these two combined = arbitrary kernel memory overwrite), so it can be used to execute arbitrary code i

Handle access elevation by DKOM

iHaek - Intel Handle Access Elevation Kernel: Handle access elevation by DKOM. About: This project uses CVE-2015-2291, which allows low-level interaction through a vulnerable ioctl. Tested on the latest versions of Windows (10/11). DKOM: Direct kernel object manipulation is a technique that can be used to bypass security controls and gain access to sensitive information or perform

BeDriver2: A kernel mode driver made for reading and writing protected memory from kernel access. Efficient for bypassing kernel anticheats. Anticheats Bypassed Utilizing Kernel Modules: BattleEye, Xigncode, Easy Anti Cheat, Vanguard. What is a kernel mode driver & Kernel Mode vs User Mode. A processor in a Windows computer has two different modes: kernel mode and user mode