CVE-2023-1445 - Vulnerability Details - OpenCVE

A vulnerability classified as problematic has been found in Filseclab Twister Antivirus 8. Affected is the function 0x80112053 in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-223290 is the identifier assigned to this vulnerability.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Filseclab	Twister Antivirus

Configuration 1 [-]

cpe:2.3:a:filseclab:twister_antivirus:8.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445
https://vuldb.com/?ctiid.223290
https://vuldb.com/?id.223290

History

Fri, 22 Nov 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2023-03-17T06:36:09.789Z

Updated: 2024-11-22T21:00:19.391Z

Reserved: 2023-03-17T06:35:54.109Z

Link: CVE-2023-1445

Vulnrichment

Updated: 2024-08-02T05:49:11.613Z

NVD

Status : Modified

Published: 2023-03-17T07:15:11.280

Modified: 2024-11-21T07:39:12.090

Link: CVE-2023-1445

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1445", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2023-03-17T06:35:54.109Z", "datePublished": "2023-03-17T06:36:09.789Z", "dateUpdated": "2024-11-22T21:00:19.391Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2023-10-21T08:53:46.200Z"}, "title": "Filseclab Twister Antivirus IoControlCode fildds.sys 0x80112053 denial of service", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-404", "lang": "en", "description": "CWE-404 Denial of Service"}]}], "affected": [{"vendor": "Filseclab", "product": "Twister Antivirus", "versions": [{"version": "8", "status": "affected"}], "modules": ["IoControlCode Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in Filseclab Twister Antivirus 8. Affected is the function 0x80112053 in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-223290 is the identifier assigned to this vulnerability."}, {"lang": "de", "value": "Es wurde eine problematische Schwachstelle in Filseclab Twister Antivirus 8 entdeckt. Es betrifft die Funktion 0x80112053 in der Bibliothek fildds.sys der Komponente IoControlCode Handler. Dank Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"}}], "timeline": [{"time": "2023-03-17T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2023-03-17T00:00:00.000Z", "lang": "en", "value": "CVE reserved"}, {"time": "2023-03-17T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2023-04-11T09:43:14.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Zeze7w (VulDB User)", "type": "analyst"}], "references": [{"url": "https://vuldb.com/?id.223290", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.223290", "tags": ["signature", "permissions-required"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445", "tags": ["related"]}, {"url": "https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view", "tags": ["exploit"]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:49:11.613Z"}, "title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.223290", "tags": ["vdb-entry", "technical-description", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.223290", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445", "tags": ["related", "x_transferred"]}, {"url": "https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view", "tags": ["exploit", "x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-03-01T18:40:00.782215Z", "id": "CVE-2023-1445", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-22T21:00:19.391Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1445", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2023-03-17T06:35:54.109Z", "datePublished": "2023-03-17T06:36:09.789Z", "dateUpdated": "2024-11-22T21:00:19.391Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2023-10-21T08:53:46.200Z"}, "title": "Filseclab Twister Antivirus IoControlCode fildds.sys 0x80112053 denial of service", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-404", "lang": "en", "description": "CWE-404 Denial of Service"}]}], "affected": [{"vendor": "Filseclab", "product": "Twister Antivirus", "versions": [{"version": "8", "status": "affected"}], "modules": ["IoControlCode Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in Filseclab Twister Antivirus 8. Affected is the function 0x80112053 in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-223290 is the identifier assigned to this vulnerability."}, {"lang": "de", "value": "Es wurde eine problematische Schwachstelle in Filseclab Twister Antivirus 8 entdeckt. Es betrifft die Funktion 0x80112053 in der Bibliothek fildds.sys der Komponente IoControlCode Handler. Dank Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"}}], "timeline": [{"time": "2023-03-17T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2023-03-17T00:00:00.000Z", "lang": "en", "value": "CVE reserved"}, {"time": "2023-03-17T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2023-04-11T09:43:14.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Zeze7w (VulDB User)", "type": "analyst"}], "references": [{"url": "https://vuldb.com/?id.223290", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.223290", "tags": ["signature", "permissions-required"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445", "tags": ["related"]}, {"url": "https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view", "tags": ["exploit"]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:49:11.613Z"}, "title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.223290", "tags": ["vdb-entry", "technical-description", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.223290", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445", "tags": ["related", "x_transferred"]}, {"url": "https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view", "tags": ["exploit", "x_transferred"]}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-1445", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-01T18:40:00.782215Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-22T21:00:15.420Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:filseclab:twister_antivirus:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E731869E-4FB3-4858-AAD7-996B106E0543", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in Filseclab Twister Antivirus 8. Affected is the function 0x80112053 in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-223290 is the identifier assigned to this vulnerability."}], "id": "CVE-2023-1445", "lastModified": "2024-11-21T07:39:12.090", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 1.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-03-17T07:15:11.280", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit"], "url": "https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory"], "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?ctiid.223290"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.223290"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://drive.google.com/file/d/1VYsdzogyxAsGH-rhUU1Bo_EbgpSEEN_Q/view"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1445"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?ctiid.223290"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.223290"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-404"}], "source": "cna@vuldb.com", "type": "Secondary"}]}