CVE-2023-1445 - OpenCVE

A vulnerability classified as problematic has been found in Filseclab Twister Antivirus 8. Affected is the function 0x80112053 in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-223290 is the identifier assigned to this vulnerability.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:L/AC:L/Au:S/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Filseclab	Twister Antivirus

Configuration 1 [-]

cpe:2.3:a:filseclab:twister_antivirus:8.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445
https://vuldb.com/?ctiid.223290
https://vuldb.com/?id.223290

History

No history.

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2023-03-17T06:36:09.789Z

Updated: 2024-08-02T05:49:11.613Z

Reserved: 2023-03-17T06:35:54.109Z

Link: CVE-2023-1445

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-03-17T07:15:11.280

Modified: 2024-05-17T02:18:05.883

Link: CVE-2023-1445

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1445", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2023-03-17T06:35:54.109Z", "datePublished": "2023-03-17T06:36:09.789Z", "dateUpdated": "2024-08-02T05:49:11.613Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2023-10-21T08:53:46.200Z"}, "title": "Filseclab Twister Antivirus IoControlCode fildds.sys 0x80112053 denial of service", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-404", "lang": "en", "description": "CWE-404 Denial of Service"}]}], "affected": [{"vendor": "Filseclab", "product": "Twister Antivirus", "versions": [{"version": "8", "status": "affected"}], "modules": ["IoControlCode Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in Filseclab Twister Antivirus 8. Affected is the function 0x80112053 in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-223290 is the identifier assigned to this vulnerability."}, {"lang": "de", "value": "Es wurde eine problematische Schwachstelle in Filseclab Twister Antivirus 8 entdeckt. Es betrifft die Funktion 0x80112053 in der Bibliothek fildds.sys der Komponente IoControlCode Handler. Dank Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"}}], "timeline": [{"time": "2023-03-17T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2023-03-17T00:00:00.000Z", "lang": "en", "value": "CVE reserved"}, {"time": "2023-03-17T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2023-04-11T09:43:14.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Zeze7w (VulDB User)", "type": "analyst"}], "references": [{"url": "https://vuldb.com/?id.223290", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.223290", "tags": ["signature", "permissions-required"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445", "tags": ["related"]}, {"url": "https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view", "tags": ["exploit"]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:49:11.613Z"}, "title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.223290", "tags": ["vdb-entry", "technical-description", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.223290", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445", "tags": ["related", "x_transferred"]}, {"url": "https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view", "tags": ["exploit", "x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:filseclab:twister_antivirus:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E731869E-4FB3-4858-AAD7-996B106E0543", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in Filseclab Twister Antivirus 8. Affected is the function 0x80112053 in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-223290 is the identifier assigned to this vulnerability."}], "id": "CVE-2023-1445", "lastModified": "2024-05-17T02:18:05.883", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 1.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2023-03-17T07:15:11.280", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit"], "url": "https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory"], "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?ctiid.223290"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.223290"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-404"}], "source": "cna@vuldb.com", "type": "Primary"}]}