|CVSS SCORE||7.2, (AV:L/AC:L/Au:N/C:C/I:C/A:C)|
The specific flaw exists within processing of the 0x82ac0170 IOCTL by the aswSnx driver in the kernel. An address passed into the kernel through a DeviceIoControl call is trusted and used without validation. An attacker could leverage this vulnerability to execute arbitrary code in the context of the kernel.
|CREDIT||bee13oy of CloverSec Labs