Impact
An improper access control flaw exists in the amwrtdrv.sys kernel driver shipped with AOMEI Backupper up to version 8.3.0. The vulnerability allows a malicious local user to manipulate a function in the driver, leading to privilege escalation and full control of the affected machine. The flaw is not tied to remote access; an attacker must have local execution rights to exploit it.
Affected Systems
Systems running AOMEI Backupper 8.3.0 or earlier are vulnerable, as the kernel driver amwrtdrv.sys contains the flaw. The vulnerability specifically targets the unknown function within this driver, which is part of the AOMEI Backupper package.
Risk and Exploitability
The CVSS score of 8.5 classifies the issue as high severity. While the EPSS score is currently unavailable, the lack of a publicly available exploit suggests the risk is primarily local and depends on the presence of a user with sufficient privileges to run the driver. The vulnerability is not listed in the CISA KEV catalog, indicating no known widespread exploitation at this time. An attacker with local access can elevate privileges by exploiting the flawed access controls and thereby compromise the entire system.
OpenCVE Enrichment