CVE-2023-1631

  1. CVE.bz
  2. Vulnerabilities (CVE)
  3. CVE-2023-1631
A vulnerability, which was classified as problematic, was found in JiangMin Antivirus 16.2.2022.418. This affects the function 0x222010 in the library kvcore.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-224013 was assigned to this vulnerability.

5.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://drive.google.com/file/d/1Div9mElTdsluLrU2etziLYqmXcqQFj1j/view Exploit Third Party Advisory
https://vuldb.com/?ctiid.224013 Permissions Required Third Party Advisory
https://vuldb.com/?id.224013 Third Party Advisory
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1631 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:jiangmin:jiangmin_antivirus:16.2.2022.418:*:*:*:*:*:*:*
History

31 Mar 2023, 00:59

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CWE CWE-476
CPE cpe:2.3:a:jiangmin:jiangmin_antivirus:16.2.2022.418:*:*:*:*:*:*:*
First Time Jiangmin jiangmin Antivirus
Jiangmin
References (MISC) https://drive.google.com/file/d/1Div9mElTdsluLrU2etziLYqmXcqQFj1j/view - (MISC) https://drive.google.com/file/d/1Div9mElTdsluLrU2etziLYqmXcqQFj1j/view - Exploit, Third Party Advisory
References (MISC) https://vuldb.com/?ctiid.224013 - (MISC) https://vuldb.com/?ctiid.224013 - Permissions Required, Third Party Advisory
References (MISC) https://vuldb.com/?id.224013 - (MISC) https://vuldb.com/?id.224013 - Third Party Advisory
References (MISC) https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1631 - (MISC) https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1631 - Third Party Advisory

26 Mar 2023, 09:15

Type Values Removed Values Added
References
  • {'url': 'https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned30', 'name': 'https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned30', 'tags': [], 'refsource': 'MISC'}
  • (MISC) https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1631 -
Summary A vulnerability, which was classified as problematic, was found in Jianming Antivirus 16.2.2022.418. This affects an unknown part in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-224013 was assigned to this vulnerability. A vulnerability, which was classified as problematic, was found in JiangMin Antivirus 16.2.2022.418. This affects the function 0x222010 in the library kvcore.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-224013 was assigned to this vulnerability.

25 Mar 2023, 12:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-03-25 12:15

Updated : 2023-03-31 00:59

NVD link : CVE-2023-1631

Mitre link : CVE-2023-1631

JSON object : View

Products Affected

jiangmin

  • jiangmin_antivirus
CWE
CWE-476

NULL Pointer Dereference