Impact
An improper boundary check in the driver of Portwell Engineering Toolkits version 4.8.2 allows a local authenticated user to read and write arbitrary memory. By exploiting this flaw an attacker can modify critical kernel data structures, leading to privilege escalation. The vulnerability is a classic buffer overflow (CWE‑119) and does not require remote access. Successful exploitation could also trigger a denial‑of‑service condition.
Affected Systems
Portwell Engineering Toolkits version 4.8.2 is the only affected release. The vulnerability is tied to the Portwell Engineering Toolkits driver and is present in any installation running this specific version. No other version or vendor is listed as impacted.
Risk and Exploitability
The CVSS score of 9.3 indicates high severity. With an EPSS below 1% and no listing in the CISA KEV catalog, observed exploitation remains low. The vulnerability requires a locally authenticated attacker with access to the Portwell Engineering Toolkit driver; under those conditions the risk is significant but limited to local environments. Successful exploitation can lead to privilege escalation or denial of service, potentially compromising the entire system.
OpenCVE Enrichment