CVE-2024-36056

low-risk

Published 2024-05-26

Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily map physical memory via IOCTL 0x9c406490 (for IoAllocateMdl, MmBuildMdlForNonPagedPool, and MmMapLockedPages), leading to NT AUTHORITY\SYSTEM privilege escalation.

Do I need to act?

0.11% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.4/10 Medium

NETWORK / LOW complexity

References (4)

https://www.marvintest.com/Downloads.aspx?prodId=12&search=package

https://www.marvintest.com/KnowledgeBase/KBArticle.aspx?ID=362

https://www.marvintest.com/Downloads.aspx?prodId=12&search=package

https://www.marvintest.com/KnowledgeBase/KBArticle.aspx?ID=362

/ 100

low-risk

Severity 21/34 · High

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal