CVE-2017-15303
NONE EPSS 71.7%
Published Oct 16, 20178y ago · Modified Jun 17, 20262w ago
Published Oct 16, 2017 8y ago
Last Modified Jun 17, 2026 2w ago
Description
In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine (while CPU-Z is running) can issue an ioctl 0x9C402430 call to the kernel-mode driver (e.g., cpuz141_x64.sys for version 1.41).
Threat Intelligence
EPSS Exploit Probability
71.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-787 Out-of-bounds Write Memory Safety
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| cpuid | cpu-z | * | ≤1.42 |
References 1
- github.com https://github.com/akayn/Bugs/blob/master/CPUID/CVE-2017-15303/README.md
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.