Kernel Memory Corruption Vulnerability in WIBU-SYSTEMS WibuKey Product
CVE-2024-45181

7.8HIGH

Key Information:

Vendor: Wibu
Status: Wibukey
Vendor: CVE Published:; 12 September 2024

What is CVE-2024-45181?

An improper bounds check in the WibuKey64.sys driver in WIBU-SYSTEMS WibuKey before version 6.70 allows for crafted packets to trigger an arbitrary address write. This situation results in kernel memory corruption, which may lead to unauthorized access or execution of code in the kernel space. This vulnerability affects the stability and security of systems utilizing this version of the WibuKey product.

References

https://wibu.com

https://cdn.wibu.com/fileadmin/wibu_downloads/security_ad...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 12, 2024