CVE-2026-3609
5.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Summary
Wellbia's XIGNCODE3 xhunter1.sys kernel driver Privilege Escalation Vulnerability provides access to IRP_MJ_REITS command interface, which allows any user process to request a PROCESS_ALL_ACCESS. Cross reference to KVE 2023-5589 (https://krcert.or.kr)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Wellbia | XIGNCODE3 Anti-Cheat | 10.0.10011.16384 | affected |
Weaknesses
- CWE-269 Improper Privilege Management
- CWE-732 Incorrect Permission Assignment for Critical Resource
- CWE-284 Improper Access Control
- CWE-266 Incorrect Privilege Assignment
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.