Lucene search

[email protected]CVE-2020-22061

HistoryDec 28, 2021 - 8:15 p.m.

CVE-2020-22061

2021-12-2820:15:07

[email protected]

web.nvd.nist.gov

cve-2020-22061

nvd

superantispyware

saskutil64.sys

data write vulnerability

device security

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0005 Low

EPSS

Percentile

17.8%

JSON

SUPERAntispyware v8.0.0.1050 was discovered to contain an issue in the component saskutil64.sys. This issue allows attackers to arbitrarily write data to the device via IOCTL 0x9C402140.

Affected configurations

NVD

Node

superantispywaresuperantispywareMatch8.0.0.1050free

superantispywaresuperantispywareMatch8.0.0.1050pro

CPENameOperatorVersion
superantispyware:superantispywaresuperantispywareeq8.0.0.1050

CPE	Name	Operator	Version
superantispyware:superantispyware	superantispyware	eq	8.0.0.1050

References

gist.github.com/hfiref0x/7e66d943984cceac60eb812ac1bf8208

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0005 Low

EPSS

Percentile

17.8%

JSON

Related for CVE-2020-22061

cnvd1 nvd1 cvelist1 prion1