CVE-2023-1629

Published Mar 25, 2023

Last updated 6 months ago

Overview

Description: A vulnerability classified as critical was found in JiangMin Antivirus 16.2.2022.418. Affected by this vulnerability is the function 0x222010 in the library kvcore.sys of the component IOCTL Handler. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224011.
Source: cna@vuldb.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Secondary
Base score: 4.3
Impact score: 6.4
Exploitability score: 3.1
Vector string: AV:L/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119
cna@vuldb.com: CWE-119

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:16.2.2022.418:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58D47A82-0F08-4197-9F3E-4676537649DC"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Configurations

References