CVE-2025-6217 – PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2025-6217

18 Jun 2025 — PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of PEAK-System Driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the PCANFD_ADD_FILTERS IOCTL. The issue results from the lack of proper locking when performing operati... • https://www.zerodayinitiative.com/advisories/ZDI-25-408 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •