{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1188", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2023-03-06T07:09:32.040Z", "datePublished": "2023-03-06T07:10:01.518Z", "dateUpdated": "2025-03-05T19:24:54.606Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2023-10-21T07:35:39.705Z"}, "title": "FabulaTech Webcam for Remote Desktop IoControlCode ftwebcam.sys 0x222018 denial of service", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-404", "lang": "en", "description": "CWE-404 Denial of Service"}]}], "affected": [{"vendor": "FabulaTech", "product": "Webcam for Remote Desktop", "versions": [{"version": "2.8.42", "status": "affected"}], "modules": ["IoControlCode Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42. It has been classified as problematic. Affected is the function 0x222018 in the library ftwebcam.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222360."}, {"lang": "de", "value": "Es wurde eine problematische Schwachstelle in FabulaTech Webcam for Remote Desktop 2.8.42 ausgemacht. Es betrifft die Funktion 0x222018 in der Bibliothek ftwebcam.sys der Komponente IoControlCode Handler. Mittels Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"}}], "timeline": [{"time": "2023-03-06T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2023-03-06T00:00:00.000Z", "lang": "en", "value": "CVE reserved"}, {"time": "2023-03-06T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2023-03-31T16:54:48.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Zeze7w (VulDB User)", "type": "analyst"}], "references": [{"url": "https://vuldb.com/?id.222360", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.222360", "tags": ["signature", "permissions-required"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1188", "tags": ["related"]}, {"url": "https://drive.google.com/file/d/1_gVQtfbpywhh8Z6g4Y03Qg7UT3Aobz2e/view?usp=sharing", "tags": ["exploit"]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:40:58.890Z"}, "title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.222360", "tags": ["vdb-entry", "technical-description", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.222360", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1188", "tags": ["related", "x_transferred"]}, {"url": "https://drive.google.com/file/d/1_gVQtfbpywhh8Z6g4Y03Qg7UT3Aobz2e/view?usp=sharing", "tags": ["exploit", "x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-05T18:41:21.923418Z", "id": "CVE-2023-1188", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-05T19:24:54.606Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.222360", "tags": ["vdb-entry", "technical-description", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.222360", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1188", "tags": ["related", "x_transferred"]}, {"url": "https://drive.google.com/file/d/1_gVQtfbpywhh8Z6g4Y03Qg7UT3Aobz2e/view?usp=sharing", "tags": ["exploit", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:40:58.890Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-1188", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-05T18:41:21.923418Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-05T18:41:23.564Z"}}], "cna": {"title": "FabulaTech Webcam for Remote Desktop IoControlCode ftwebcam.sys 0x222018 denial of service", "credits": [{"lang": "en", "type": "analyst", "value": "Zeze7w (VulDB User)"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"}}], "affected": [{"vendor": "FabulaTech", "modules": ["IoControlCode Handler"], "product": "Webcam for Remote Desktop", "versions": [{"status": "affected", "version": "2.8.42"}]}], "timeline": [{"lang": "en", "time": "2023-03-06T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2023-03-06T00:00:00.000Z", "value": "CVE reserved"}, {"lang": "en", "time": "2023-03-06T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2023-03-31T16:54:48.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.222360", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.222360", "tags": ["signature", "permissions-required"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1188", "tags": ["related"]}, {"url": "https://drive.google.com/file/d/1_gVQtfbpywhh8Z6g4Y03Qg7UT3Aobz2e/view?usp=sharing", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42. It has been classified as problematic. Affected is the function 0x222018 in the library ftwebcam.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222360."}, {"lang": "de", "value": "Es wurde eine problematische Schwachstelle in FabulaTech Webcam for Remote Desktop 2.8.42 ausgemacht. Es betrifft die Funktion 0x222018 in der Bibliothek ftwebcam.sys der Komponente IoControlCode Handler. Mittels Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-404", "description": "CWE-404 Denial of Service"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2023-10-21T07:35:39.705Z"}}}, "cveMetadata": {"cveId": "CVE-2023-1188", "state": "PUBLISHED", "dateUpdated": "2025-03-05T19:24:54.606Z", "dateReserved": "2023-03-06T07:09:32.040Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2023-03-06T07:10:01.518Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fabulatech:webcam_for_remote_desktop:2.8.42:*:*:*:*:*:*:*", "matchCriteriaId": "BB015C29-B478-4F45-8912-60311DFAD9FA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42. It has been classified as problematic. Affected is the function 0x222018 in the library ftwebcam.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222360."}], "id": "CVE-2023-1188", "lastModified": "2024-11-21T07:38:38.033", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 1.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-03-06T08:15:08.850", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit"], "url": "https://drive.google.com/file/d/1_gVQtfbpywhh8Z6g4Y03Qg7UT3Aobz2e/view?usp=sharing"}, {"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1188"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory"], "url": "https://vuldb.com/?ctiid.222360"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory"], "url": "https://vuldb.com/?id.222360"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://drive.google.com/file/d/1_gVQtfbpywhh8Z6g4Y03Qg7UT3Aobz2e/view?usp=sharing"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1188"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://vuldb.com/?ctiid.222360"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://vuldb.com/?id.222360"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-404"}], "source": "cna@vuldb.com", "type": "Secondary"}]}

{}