CVE-2023-1627

low-risk

Published 2023-03-25

A vulnerability was found in Jianming Antivirus 16.2.2022.418. It has been rated as problematic. This issue affects some unknown processing in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier VDB-224009 was assigned to this vulnerability.

Do I need to act?

0.06% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Jiangmin Antivirus

Affected Vendors

Jiangmin

References (8)

Exploit https://drive.google.com/file/d/1fQFw8ayQUFzJM2_4V-ld8CN8gvisVoiu/view

Broken Link https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned29

Permissions Required https://vuldb.com/?ctiid.224009

Third Party Advisory https://vuldb.com/?id.224009

Exploit https://drive.google.com/file/d/1fQFw8ayQUFzJM2_4V-ld8CN8gvisVoiu/view

Broken Link https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned29

Permissions Required https://vuldb.com/?ctiid.224009

Third Party Advisory https://vuldb.com/?id.224009

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal