- Description
- Improper neutralization of argument delimiters in a command ('Argument Injection') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system where the product is running, the system may cause a Blue Screen of Death (BSOD), and as a result, cause a denial-of-service (DoS) condition.
- Source
- vultures@jpcert.or.jp
- NVD status
- Received
CVSS 3.0
- Type
- Secondary
- Base score
- 6.3
- Impact score
- 4
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
- Severity
- MEDIUM
- vultures@jpcert.or.jp
- CWE-88
- Hype score
- Not currently trending
報告したディフェンスプラットフォームの脆弱性が公開された BSODになるポイントは4つだけど一遍に報告したせいか一つのCVEでまとめられた模様 NtCreateFile,NtCreateThread,NtLoadDriver,NtOpenFileを特定の方法で呼び出すと発生 CVE-2025-24845 https://t.co/iesNK3d5kf https://t.co/CbjmM9so6e
@Te2Ngt
7 Feb 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24845 Improper neutralization of argument delimiters in a command ('Argument Injection') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attac… https://t.co/XoqHfilMQJ
@CVEnew
6 Feb 2025
358 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes