CVE-2023-41444
N/A
N/A
Summary
An issue in Binalyze IREC.sys v.3.11.0 and before allows a local attacker to execute arbitrary code and escalate privileges via the fun_1400084d0 function in IREC.sys driver.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://blog.dru1d.ninja/windows-driver-exploit-development-irec-sys-a5eb45093945
- https://gist.github.com/dru1d-foofus/1af21179f253879f101c3a8d4f718bf0
- https://github.com/magicsword-io/LOLDrivers/blob/main/yaml/d74fdf19-b4b0-4ec2-9c29-4213b064138b.yml
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
References
- https://blog.dru1d.ninja/windows-driver-exploit-development-irec-sys-a5eb45093945
- https://gist.github.com/dru1d-foofus/1af21179f253879f101c3a8d4f718bf0
- https://github.com/magicsword-io/LOLDrivers/blob/main/yaml/d74fdf19-b4b0-4ec2-9c29-4213b064138b.yml
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.