CVE-2007-5633
SpeedFan - 'Speedfan.sys' Local Privilege Escalation
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, via the (1) IOCTL_RDMSR 0x9C402438 and (2) IOCTL_WRMSR 0x9C40243C IOCTLs to \Device\speedfan, as demonstrated by an IOCTL_WRMSR action on MSR_LSTAR.
Speedfan.sys en Alfredo Milani Comparetti SpeedFan 4.33, uando es utilizado sobre Microsoft Windows Vista x64, permite a usuarios locales leer o escribit MSRs de su elección, y ganar privilegios y cargar controladores no asignados, a través de (1) IOCTL_RDMSR 0x9C402438 y (2) IOCTL_WRMSR 0x9C40243C IOCTLs en \Device\speedfan, como se demostró por la acción IOCTL_WRMSR sobre MSR_LSTAR.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-10-18 First Exploit
- 2007-10-23 CVE Reserved
- 2007-10-23 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/41842 | Vdb Entry | |
| http://secunia.com/advisories/27312 | Third Party Advisory | |
| http://www.reversemode.com/index.php?option=com_content&task=view&id=42&Itemid=1 | X_refsource_misc | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/37298 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/30681 | 2007-10-18 | |
| http://www.bugtrack.almico.com/view.php?id=987 | 2024-08-07 | |
| http://www.securityfocus.com/bid/26123 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Almico Search vendor "Almico" | Speedfan Search vendor "Almico" for product "Speedfan" | 4.33 Search vendor "Almico" for product "Speedfan" and version "4.33" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | x64 |
Safe
|