CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-42685

An Integer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105 . The IOCTL Handler 0x22005B in the Accops HyWorks DVM Tools prior to v3.3.1.105 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 7.2

References

https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/
https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/

Products affected by CVE-2021-42685

Accops » Hyworks Dvm Tools » Version: Any

cpe:2.3:a:accops:hyworks_dvm_tools:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42685

Products

Pricing

Contact Us