Denial of Service Vulnerability in Jungo DriverWizard from Jungo
CVE-2018-10071

5.5MEDIUM

Key Information:

Vendor: Jungo
Status: Windriver
Vendor: CVE Published:; 12 April 2018

What is CVE-2018-10071?

The Jungo DriverWizard contains a vulnerability in the windrvr1260.sys component that permits attackers to trigger a denial of service scenario. By executing a specific DeviceIoControl call (0x953826DB), an attacker can induce a Blue Screen of Death (BSOD), rendering the system inoperative. This flaw arises from improper handling of control requests, highlighting the need for immediate attention to prevent exploitation and to maintain system integrity.

References

https://github.com/bigric3/windrvr1260_poc4

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 12, 2018