CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 1CVE-2019-0732 – Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass
https://notcve.org/view.php?id=CVE-2019-0732
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Security Feature Bypass Vulnerability'. En Windows existe una vulnerabilidad de omisión de la característica de seguridad, que podría permitir a un atacante eludir Device Guard, debido a que Windows maneja de forma incorrecta las llamadas al controlador LUAFV (luafv.sys), también conocido como 'Vulnerabilidad de omisión de la característica de seguridad de Windows'. On Microsoft Windows, the NtSetCachedSigningLevel system call can be tricked by the operation of LUAFV to apply a cached signature to an arbitrary file leading to a bypass of code signing enforcement under UMCI with Device Guard. • https://www.exploit-db.com/exploits/46716 http://packetstormsecurity.com/files/152536/Microsoft-Windows-LUAFV-NtSetCachedSigningLevel-Device-Guard-Bypass.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0732 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-3989
https://notcve.org/view.php?id=CVE-2018-3989
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. • http://www.securityfocus.com/bid/107005 https://cert-portal.siemens.com/productcert/pdf/ssa-760124.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-844562.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf https://talosintelligence.com/vulnerability_reports/TALOS-2018-0657 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-8060
https://notcve.org/view.php?id=CVE-2018-8060
HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. ... Si los punteros de entrada y/o salida son NULL o si sus datos no son válidos, ocurre un acceso al puntero NULL/inválido, lo que resulta en un pánico del kernel de Windows, también denominado Blue Screen. • https://github.com/otavioarj/SIOCtl • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-9051
https://notcve.org/view.php?id=CVE-2018-9051
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002021. En Windows Master (también conocido como Windows Optimization Master) 7.99.13.604, el archivo del controlador (WoptiHWDetect.SYS) permite que usuarios locales provoquen una denegación de servicio (BSOD) o que, posiblemente, causen otro impacto sin especificar debido a que no se validan los valores de entrada desde IOCtl 0xf1002021. • https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002021 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-9048
https://notcve.org/view.php?id=CVE-2018-9048
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100282c. En Windows Master (también conocido como Windows Optimization Master) 7.99.13.604, el archivo del controlador (WoptiHWDetect.SYS) permite que usuarios locales provoquen una denegación de servicio (BSOD) o que, posiblemente, causen otro impacto sin especificar debido a que no se validan los valores de entrada desde IOCtl 0xf100282c. • https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf100282C • CWE-20: Improper Input Validation •