Ballistix MOD Utility through... CVE-2021-41285

7.2 AV AC AU C I A
发布: 2021-10-04
修订: 2024-11-21

Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapIoSpace function call (mapping physical memory into a virtual address space). Attackers could exploit this issue to achieve local privilege escalation to NT AUTHORITY\SYSTEM.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息