{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1628", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2023-03-25T10:06:02.177Z", "datePublished": "2023-03-25T11:00:04.340Z", "dateUpdated": "2025-02-19T20:29:17.536Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2024-02-13T07:54:32.384Z"}, "title": "Jianming Antivirus IoControlCode kvcore.sys null pointer dereference", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-476", "lang": "en", "description": "CWE-476 NULL Pointer Dereference"}]}], "affected": [{"vendor": "Jianming", "product": "Antivirus", "versions": [{"version": "16.2.2022.418", "status": "affected"}], "modules": ["IoControlCode Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224010 is the identifier assigned to this vulnerability."}, {"lang": "de", "value": "Es wurde eine problematische Schwachstelle in Jianming Antivirus 16.2.2022.418 entdeckt. Es betrifft eine unbekannte Funktion in der Bibliothek kvcore.sys der Komponente IoControlCode Handler. Mittels Manipulieren mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}], "timeline": [{"time": "2023-03-25T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2023-03-25T00:00:00.000Z", "lang": "en", "value": "CVE reserved"}, {"time": "2023-03-25T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2023-04-15T09:53:32.000Z", "lang": "en", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.224010", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.224010", "tags": ["signature", "permissions-required"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned30", "tags": ["broken-link"]}, {"url": "https://drive.google.com/file/d/1Div9mElTdsluLrU2etziLYqmXcqQFj1j/view", "tags": ["exploit"]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:57:25.268Z"}, "title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.224010", "tags": ["vdb-entry", "technical-description", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.224010", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned30", "tags": ["broken-link", "x_transferred"]}, {"url": "https://drive.google.com/file/d/1Div9mElTdsluLrU2etziLYqmXcqQFj1j/view", "tags": ["exploit", "x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-19T20:29:03.877500Z", "id": "CVE-2023-1628", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-19T20:29:17.536Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.224010", "tags": ["vdb-entry", "technical-description", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.224010", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned30", "tags": ["broken-link", "x_transferred"]}, {"url": "https://drive.google.com/file/d/1Div9mElTdsluLrU2etziLYqmXcqQFj1j/view", "tags": ["exploit", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:57:25.268Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-1628", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-19T20:29:03.877500Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-19T20:29:09.349Z"}}], "cna": {"title": "Jianming Antivirus IoControlCode kvcore.sys null pointer dereference", "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}], "affected": [{"vendor": "Jianming", "modules": ["IoControlCode Handler"], "product": "Antivirus", "versions": [{"status": "affected", "version": "16.2.2022.418"}]}], "timeline": [{"lang": "en", "time": "2023-03-25T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2023-03-25T00:00:00.000Z", "value": "CVE reserved"}, {"lang": "en", "time": "2023-03-25T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2023-04-15T09:53:32.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.224010", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.224010", "tags": ["signature", "permissions-required"]}, {"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned30", "tags": ["broken-link"]}, {"url": "https://drive.google.com/file/d/1Div9mElTdsluLrU2etziLYqmXcqQFj1j/view", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224010 is the identifier assigned to this vulnerability."}, {"lang": "de", "value": "Es wurde eine problematische Schwachstelle in Jianming Antivirus 16.2.2022.418 entdeckt. Es betrifft eine unbekannte Funktion in der Bibliothek kvcore.sys der Komponente IoControlCode Handler. Mittels Manipulieren mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2024-02-13T07:54:32.384Z"}}}, "cveMetadata": {"cveId": "CVE-2023-1628", "state": "PUBLISHED", "dateUpdated": "2025-02-19T20:29:17.536Z", "dateReserved": "2023-03-25T10:06:02.177Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2023-03-25T11:00:04.340Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:16.2.2022.418:*:*:*:*:*:*:*", "matchCriteriaId": "58D47A82-0F08-4197-9F3E-4676537649DC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224010 is the identifier assigned to this vulnerability."}], "id": "CVE-2023-1628", "lastModified": "2024-11-21T07:39:34.700", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-03-25T12:15:07.000", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://drive.google.com/file/d/1Div9mElTdsluLrU2etziLYqmXcqQFj1j/view"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory"], "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned30"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://vuldb.com/?ctiid.224010"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory"], "url": "https://vuldb.com/?id.224010"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://drive.google.com/file/d/1Div9mElTdsluLrU2etziLYqmXcqQFj1j/view"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned30"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://vuldb.com/?ctiid.224010"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://vuldb.com/?id.224010"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "cna@vuldb.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}