Vulnerabilities > CVE-2024-1096 - NULL Pointer Dereference vulnerability in Filseclab Twister Antivirus 8.17

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

filseclab

CWE-476

NVD

Published: 2024-02-13

Updated: 2024-03-21

Summary

Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112067, 0x801120CB 0x801120CC 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F, 0x80112073, 0x80112077, 0x80112078, 0x8011207C and 0x80112080 IOCTL codes of the fildds.sys driver.

Vulnerable Configurations

Part	Description	Count
Application	Filseclab Filseclab Twister Antivirus 8.17	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://fluidattacks.com/advisories/holiday/
http://www.filseclab.com/en-us/products/twister.htm