Local Privilege Escalation Vulnerability in Hangzhou Shunwang Rentdrv2 Software
CVE-2023-44976
3.2 LOW
What is CVE-2023-44976?
Rentdrv2, software developed by Hangzhou Shunwang, contains a local privilege escalation vulnerability that allows users to terminate endpoint detection and response (EDR) processes. Exploitation can lead to further impact on the system, as seen in real-world attacks reported in October 2023. The vulnerability arises from misuse of the DeviceIoControl function with control code 0x22E010; the full range of potential exploits through this control code has not yet been assessed.
Affected Version(s)
Rentdrv2 1aed62a63b4802e599bbd33162319129501d603cceeb5e1eb22fd4733b3018a3
Rentdrv2 9165d4f3036919a96b86d24b64d75d692802c7513f2b3054b20be40c212240a5
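
An added example (not part of the original advisory or the vendor's code): a scan that hashes files under a directory and reports any whose digest matches the two values listed above. It assumes those values are SHA-256 digests of the Rentdrv2 binaries and that the binaries carry a .sys extension; the function names are hypothetical.

```python
import hashlib
import os
import sys

# Digests listed under "Affected Version(s)" on this page. Treating them as
# SHA-256 hashes of the Rentdrv2 binaries is an assumption of this example.
AFFECTED_SHA256 = frozenset({
    "1aed62a63b4802e599bbd33162319129501d603cceeb5e1eb22fd4733b3018a3",
    "9165d4f3036919a96b86d24b64d75d692802c7513f2b3054b20be40c212240a5",
})


def sha256_of(path, chunk_size=1 << 20):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_affected_files(root, blocklist=AFFECTED_SHA256, suffixes=(".sys",)):
    """Return (matches, unreadable): matches is a sorted list of (path, sha256)
    found in blocklist; unreadable lists files that could not be hashed, so a
    locked file is reported, not silently skipped. The ".sys" default is an
    assumption (driver files); pass suffixes=None to hash every file."""
    wanted = {d.lower() for d in blocklist}
    matches, unreadable = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if suffixes and not name.lower().endswith(tuple(suffixes)):
                continue
            path = os.path.join(dirpath, name)
            try:
                digest = sha256_of(path)
            except OSError:
                unreadable.append(path)
                continue
            if digest in wanted:
                matches.append((path, digest))
    return sorted(matches), sorted(unreadable)


if __name__ == "__main__":
    hits, skipped = find_affected_files(sys.argv[1] if len(sys.argv) > 1 else ".")
    for file_path, digest in hits:
        print(f"AFFECTED {digest} {file_path}")
    for file_path in skipped:
        print(f"UNREADABLE {file_path}")
```

A file listed as unreadable has not been cleared; hash it again from a context that can open it.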