Vulnerabilities > CVE-2020-13522 - Unspecified vulnerability in Softperfect RAM Disk 4.1

CVSS 3.6 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

softperfect

NVD

Published: 2020-08-04

Updated: 2022-06-07

Summary

An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Softperfect Softperfect RAM Disk 4.1	1

References

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1121