CVE-2020-14955

CWE-20 — Improper Input Validation CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 85.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Jiangmin Jiangmin Antivirus

Timeline

PublishedJun 26

Latest updateMay 24

Description

In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220440.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

▶NVDjiangmin/jiangmin_antivirus16.0.13.129

🔴Vulnerability Details

GHSA

GHSA-4243-9jgj-pmh6: In Jiangmin Antivirus 16↗2022-05-24

▶

CVEList

CVE-2020-14955: In Jiangmin Antivirus 16↗2020-06-26

▶