CVE-2024-45181

An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:wibu:wibukey:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

18 Sep 2024, 20:26

Type Values Removed Values Added
First Time Microsoft windows
Microsoft
Wibu
Wibu wibukey
References () https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-94453.pdf - () https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-94453.pdf - Mitigation, Vendor Advisory
References () https://wibu.com - () https://wibu.com - Product
Summary
  • (es) Se descubrió un problema en WibuKey64.sys en WibuKey de WIBU-SYSTEMS antes de la versión v6.70 y se solucionó en la versión v6.70. Una comprobación incorrecta de los límites permite que los paquetes manipulados provoquen la escritura de una dirección arbitraria, lo que provoca la corrupción de la memoria del núcleo.
CPE cpe:2.3:a:wibu:wibukey:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
CWE CWE-787
CVSS v2 : unknown
v3 : 8.8
v2 : unknown
v3 : 7.8

12 Sep 2024, 20:35

Type Values Removed Values Added
CWE CWE-119
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8

12 Sep 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-12 19:15

Updated : 2024-09-18 20:26


NVD link : CVE-2024-45181

Mitre link : CVE-2024-45181

CVE.ORG link : CVE-2024-45181


JSON object : View

Products Affected

wibu

  • wibukey

microsoft

  • windows
CWE
CWE-787

Out-of-bounds Write

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer