Vulnerabilities > CVE-2025-0221 - NULL Pointer Dereference vulnerability in I0Bit Protected Folder

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

i0bit

CWE-476

NVD

Published: 2025-01-05

Updated: 2025-01-23

Summary

A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Configurations

Part	Description	Count
Application	I0Bit I0Bit Protected Folder *	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://shareforall.notion.site/IOBit-Protected-Folder-pffilter-0x22200C-NPD-DOS-15260437bb1e80b2a477d42396d5d06c
https://vuldb.com/?ctiid.290200
https://vuldb.com/?id.290200
https://vuldb.com/?submit.466955