CVE-2023-1486
published 2023-03-18CVE-2023-1486: A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the…
PriorityP277high7.1CVSS 3.1
AVLACLPRLUINSUCNIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.51%
39.7th percentile
A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lespeed | wisecleaner_wise_force_deleter | — | — |
| wisecleaner | wise_force_deleter | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Target driver: WiseUnlock64.sys — monitor for loading of this kernel driver as part of local privilege/access abuse ↗
- →Malicious IOCTL code 0x220004 sent to WiseUnlock64.sys — alert on DeviceIoControl calls targeting this control code ↗
- ·Exploitation requires local access only — this is not a remotely exploitable vulnerability ↗
- ·A public exploit exists and may be in active use ↗
- ·Affected version is Wise Force Deleter 1.5.3.54 — scope detection/patching to this specific version ↗
CVSS provenance
nvdv3.17.1HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
nvdv2.03.2LOWAV:L/AC:L/Au:S/C:N/I:P/A:P
vulncheck4.4MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x228-mmh3-gg6h: A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1
ghsa_unreviewed·2023-03-18
CVE-2023-1486 [HIGH] CWE-284 GHSA-x228-mmh3-gg6h: A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1
A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects unknown code in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372.
VulnCheck
wisecleaner wise_force_deleter Improper Access Control
vulncheck·2023·CVSS 4.4
CVE-2023-1486 [MEDIUM] wisecleaner wise_force_deleter Improper Access Control
wisecleaner wise_force_deleter Improper Access Control
A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372.
Affected: wisecleaner wise_force_deleter
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.acronis.com/en-us/cyber-protection-center/posts/shadow-vector-targ
No detection rules found.
No public exploits indexed.
https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/viewhttps://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486https://vuldb.com/?ctiid.223372https://vuldb.com/?id.223372https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/viewhttps://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486https://vuldb.com/?ctiid.223372https://vuldb.com/?id.223372
2023-03-18
Published
Exploited in the wild