The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to write to arbitrary kernel memory addresses because the IOCTL dispatcher lacks pointer validation. Exploiting this vulnerability results in privileged code execution.
References
Link | Resource |
---|---|
https://www.winmagic.com/support/release-notes/securedoc-v8-5-sr2-hf1 | Release Notes Vendor Advisory |
https://www.winmagic.com/support/release-notes/securedoc-v8-5-sr2/ | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-06-22T17:47:09
Updated: 2020-07-17T12:20:28
Reserved: 2020-04-04T00:00:00
Link: CVE-2020-11520
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-06-22T18:15:11.230
Modified: 2022-05-03T13:59:21.567
Link: CVE-2020-11520
JSON object: View
Redhat Information
No data.
CWE