Vulnerability Details CVE-2018-20404
ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system board, is vulnerable to denial of service attack via IOCTL 0x9C402048, which calls memmove and constantly fails on an arbitrary (uncontrollable) address, resulting in an eternal hang or a BSoD.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
Products affected by CVE-2018-20404
-
cpe:2.3:h:viatech:epia-e900:-
-
cpe:2.3:o:viatech:epia-e900_firmware:-