CVE-2018-3989

low-risk

Published 2019-02-05

An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.

Do I need to act?

0.14% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.3/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Wibukey

Affected Vendors

Wibu

References (10)

Third Party Advisory http://www.securityfocus.com/bid/107005

Third Party Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-760124.pdf

Third Party Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-844562.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf

Exploit https://talosintelligence.com/vulnerability_reports/TALOS-2018-0657

Third Party Advisory http://www.securityfocus.com/bid/107005

Third Party Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-760124.pdf

Third Party Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-844562.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf

Exploit https://talosintelligence.com/vulnerability_reports/TALOS-2018-0657

/ 100

low-risk

Severity 15/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 5/34 · Minimal