CVE-2023-1631

CWE-476NULL Pointer Dereference3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.2%
top 63.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Jiangmin AntivirusJiangmin Jiangmin Antivirus
Timeline
PublishedMar 25

Description

A vulnerability, which was classified as problematic, was found in JiangMin Antivirus 16.2.2022.418. This affects the function 0x222010 in the library kvcore.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-224013 was assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5jiangmin/antivirus16.2.2022.418
NVDjiangmin/jiangmin_antivirus16.2.2022.418

🔴Vulnerability Details

2
CVEList
JiangMin Antivirus IOCTL kvcore.sys 0x222010 null pointer dereference2023-03-25
GHSA
GHSA-www7-fg82-q962: A vulnerability, which was classified as problematic, was found in Jianming Antivirus 162023-03-25
CVE-2023-1631 (MEDIUM CVSS 5.5) | A vulnerability | cvebase.io