CVE-2023-44976
Published 2025-08-01
CVE-2023-44976: Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with…
Priority P274 · low · 3.2 · CVSS 3.1
AV:L · AC:L · PR:H · UI:N · S:C · C:N · I:N · A:L
ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 0.17% (6.1th percentile)
Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code 0x22E010, as exploited in the wild in October 2023.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hangzhou_shunwang | rentdrv2 | — | — |
| hangzhou_shunwang | rentdrv2 | — | — |
CVSS provenance
nvd · v3.1 · 3.2 LOW · CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
vulncheck · 3.2 LOW
GHSA
GHSA-xcwr-x5fm-7jmr: Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoCont
ghsa_unreviewed·2025-08-01
CVE-2023-44976 [LOW] CWE-782 GHSA-xcwr-x5fm-7jmr: Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoCont
VulnCheck
Exposed IOCTL with Insufficient Access Control
vulncheck·2023·CVSS 3.2
CVE-2023-44976 [LOW] Exposed IOCTL with Insufficient Access Control
Affected: oretnom23 customer_support_system
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://unit42.paloaltonetworks.com/agonizing-serpens-targets-israeli-tech-higher-ed-sectors/; https://www.cve.org/CVERecord?id=CVE-2023-44976
Exploit PoC: https://vulncheck.com/xdb/cbafa512fa0b
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.