Impact
Kernel driver ProcessMonitorDriver.sys in Safetica Endpoint Client x64 versions 10.5.75.0 and 11.11.4.0 contains an improperly validated IOCTL handler that allows an unprivileged local user to send a crafted request. The flaw enables the attacker to terminate protected system processes through a privilege escalation path.
Affected Systems
Safetica Endpoint Client, x64, versions 10.5.75.0 and 11.11.4.0. The vulnerability exists in the kernel driver ProcessMonitorDriver.sys. No other affected products are listed.
Risk and Exploitability
The EPSS score is not available, and the vulnerability is not currently listed in CISA's KEV catalog. Based on the description, it is inferred that the attack vector requires local physical or remote local control of the machine. With the documented ability to kill critical processes, even a low‑entropy attack could cause significant disruption. Of 7.5 indicates medium‑high severity, and the potential impact and requirement for privileged operation suggest a significant risk. The lack of a publicly available exploit does not reduce the importance of mitigating the flaw promptly.
OpenCVE Enrichment