Local Code Execution Vulnerability in ESET System Analyzer Tool
CVE-2008-4451

Currently unrated

Key Information:

Vendor: Eset Software
Status: System Analyzer Tool
Vendor: CVE Published:; 6 October 2008

🔔 Create Eset Software Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2008-4451?

The SysInspector AntiStealth driver (esiasdrv.sys) version 3.0.65535.0 in ESET System Analyzer Tool 1.1.1.0 has a vulnerability that allows local users to execute arbitrary code. By sending a specially crafted METHOD_NEITHER IOCTL request to the device, an attacker can overwrite a pointer in the driver, leading to unauthorized actions within the system. This flaw poses significant risks, potentially allowing attackers to escalate their privileges and compromise system integrity.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-4451 - Proof of Concept

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45619

vdb-entryx_refsource_XF

http://www.ntinternals.org/

x_refsource_MISC

http://securityreason.com/securityalert/4353

third-party-advisoryx_refsource_SREASON

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Oct 6, 2008
👾
Exploit known to exist
Oct 6, 2008
Vulnerability published
Oct 6, 2008
Vulnerability Reserved
Oct 6, 2008

CVE-2008-4451 Data

JSON