CVE-2018-8061

{"id": "CVE-2018-8061", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2018-05-10T03:29:00.370", "references": [{"url": "https://github.com/otavioarj/SIOCtl", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write."}, {"lang": "es", "value": "El controlador del Kernel HWiNFO AMD64, en versiones 8.98 y anteriores, permite que un usuario sin privilegios env\u00ede una llamada IOCTL 0x85FE2608 al controlador del dispositivo con el nombre de dispositivo simb\u00f3lico HWiNFO32, lo que resulta en una lectura o escritura de la memoria f\u00edsica directa."}], "lastModified": "2018-06-13T13:42:45.673", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hwinfo:amd64_kernel_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E69D912-A248-49C2-84EA-D04FF388422B", "versionEndIncluding": "8.98"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}