Vulnerabilities > CVE-2018-20029 - Use of Uninitialized Resource vulnerability in multiple products

CVSS 4.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

local

low complexity

NVD

Published: 2018-12-10

Updated: 2020-08-24

Summary

The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.

Vulnerable Configurations

Part	Description	Count
Application	Dokan-Dev Dokan DEV Dokanfs 0.6.0	1
Application	Nomachine Nomachine Nomachine 4.0.0 Nomachine Nomachine 4.0.352 Nomachine Nomachine 4.0.360 Nomachine Nomachine 4.0.362 Nomachine Nomachine 4.0.365 Nomachine Nomachine 4.0.366 Nomachine Nomachine 4.0.367 Nomachine Nomachine 4.0.368 Nomachine Nomachine 4.0.369 Nomachine Nomachine 4.0.370 Nomachine Nomachine 4.1.28 Nomachine Nomachine 4.1.29 Nomachine Nomachine 4.2.15 Nomachine Nomachine 4.2.17 Nomachine Nomachine 4.2.18 Nomachine Nomachine 4.2.19 Nomachine Nomachine 4.2.21 Nomachine Nomachine 4.2.22 Nomachine Nomachine 4.2.23 Nomachine Nomachine 4.2.24 Nomachine Nomachine 4.2.26 Nomachine Nomachine 4.2.27 Nomachine Nomachine 4.3 Nomachine Nomachine 4.3.24 Nomachine Nomachine 4.3.30 Nomachine Nomachine 4.4.1 Nomachine Nomachine 4.4.6 Nomachine Nomachine 4.4.12 Nomachine Nomachine 4.5.0 Nomachine Nomachine 4.6.3 Nomachine Nomachine 4.6.12 Nomachine Nomachine 4.6.16 Nomachine Nomachine 4.6.18 Nomachine Nomachine 4.6.20 Nomachine Nomachine 4.6.27 Nomachine Nomachine 5.0.0 Nomachine Nomachine 5.0.47 Nomachine Nomachine 5.0.58 Nomachine Nomachine 5.0.63 Nomachine Nomachine 5.1.7 Nomachine Nomachine 5.1.22 Nomachine Nomachine 5.1.24 Nomachine Nomachine 5.1.40 Nomachine Nomachine 5.1.42 Nomachine Nomachine 5.1.62 Nomachine Nomachine 5.2.21 Nomachine Nomachine 5.3.9 Nomachine Nomachine 5.3.12 Nomachine Nomachine 5.3.24 Nomachine Nomachine 5.3.25 Nomachine Nomachine 5.3.27 Nomachine Nomachine 6.0.0 Nomachine Nomachine 6.0.66 Nomachine Nomachine 6.0.78 Nomachine Nomachine 6.1.6 Nomachine Nomachine 6.1.9 Nomachine Nomachine 6.2.4 Nomachine Nomachine 6.3.6	59
OS	Microsoft Microsoft Windows 10 -	1

Common Weakness Enumeration (CWE)

CWE-908 - Use of Uninitialized Resource

References

https://www.nomachine.com/TR11P08975