CVE-2024-1853 - OpenCVE

Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

No data.

No data.

References

Link	Resource
https://fluidattacks.com/advisories/ellington/
https://zemana.com/us/antilogger.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Fluid Attacks

Published: 2024-03-14T22:13:57.283Z

Updated: 2024-06-04T18:01:08.414Z

Reserved: 2024-02-23T17:31:51.904Z

Link: CVE-2024-1853

JSON object: View

NVD Information

Status : Awaiting Analysis

Published: 2024-03-14T23:15:45.057

Modified: 2024-03-15T12:53:06.423

Link: CVE-2024-1853

JSON object: View

Redhat Information

No data.

CWE

CWE-283

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1853", "assignerOrgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869", "state": "PUBLISHED", "assignerShortName": "Fluid Attacks", "dateReserved": "2024-02-23T17:31:51.904Z", "datePublished": "2024-03-14T22:13:57.283Z", "dateUpdated": "2024-06-04T18:01:08.414Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "platforms": ["Windows"], "product": "AntiLogger", "vendor": "Zemena", "versions": [{"status": "affected", "version": "2.74.204.664"}]}], "datePublic": "2024-03-14T17:59:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers.<br><br>"}], "value": "Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers.\n\n"}], "impacts": [{"capecId": "CAPEC-234", "descriptions": [{"lang": "en", "value": "CAPEC-234 Hijacking a privileged process"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-283", "description": "CWE-283: Unverified Ownership", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869", "shortName": "Fluid Attacks", "dateUpdated": "2024-03-14T22:13:57.283Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://fluidattacks.com/advisories/ellington/"}, {"tags": ["product"], "url": "https://zemana.com/us/antilogger.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Zemana AntiLogger v2.74.204.664 - Arbitrary Process Termination", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1853", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-19T15:20:22.481862Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T18:01:08.414Z"}}]}}