Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.6
CVSSv2

CVE-2018-8061

Published: 10/05/2018 Updated: 13/06/2018
CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8
VMScore: 320
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N
Subscribe to Hwinfo

Vulnerability Summary

HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write.

Vulnerable Product Search on Vulmon Subscribe to Product

hwinfo amd64 kernel driver

Github Repositories

https://github.com/otavioarj/SIOCtl

Simple IOCTL dispatcher for CVE-2018-8060/8061

SIOCtl Simple IOCTL dispatcher This is a generic IOCTL "dispatcher" I made this to be used as a POC for CVE 2018-8060 and 2018-8061, but it can be used to any device, IOCTL and data, thought Input data is a binary file, containing raw data to be used as input buffer in IO control Output data is displayed as hexdecimal dump CVE 2018-8060 Description: HWiNFO A

References

CWE-119https://github.com/otavioarj/SIOCtlhttps://nvd.nist.govhttps://github.com/otavioarj/SIOCtl
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook