CVE-2023-1488

low-risk
Published 2023-03-18

A vulnerability, which was classified as problematic, was found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54. Affected is the function 0x9C40A0D8/0x9C40A0DC/0x9C40A0E0 in the library WiseHDInfo64.dll of the component IoControlCode Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-223374 is the identifier assigned to this vulnerability.

Do I need to act?

~
1.9% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.3/10 Low
LOCAL / LOW complexity

Affected Products (1)

Wise System Monitor

Affected Vendors

Wisecleaner

References (8)

Exploit https://drive.google.com/file/d/1X4qH-BIww5jIdoYfg9WKvX5088cpMRHY/view
Exploit https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1488
Permissions Required https://vuldb.com/?ctiid.223374
Third Party Advisory https://vuldb.com/?id.223374
Exploit https://drive.google.com/file/d/1X4qH-BIww5jIdoYfg9WKvX5088cpMRHY/view
Exploit https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1488
Permissions Required https://vuldb.com/?ctiid.223374
Third Party Advisory https://vuldb.com/?id.223374
23
/ 100
low-risk
Severity 13/34 · Low
Exploitability 5/34 · Minimal
Exposure 5/34 · Minimal