CVE-2020-13523

Summary

An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aSoftPerfectSoftPerfect RAM Disk 4.1affected

Weaknesses

  • CWE-200: CWE-200: Information Exposure

ADP Enrichment

CVE Program Container

Additional References

References