JVNVU#93886750
Phoenix Technologies Windows kernel driver vulnerable to insufficient access control on its IOCTL
Overview
Some of the Windows kernel drivers provided by Phoenix Technologies Inc. is vulnerable to insufficient access control on its IOCTL.
Products Affected
This vulnerability was found in the driver file "TdkLib64.sys" by the reporter.
According to the developer, a patched driver was provided to the users who may be affected by this vulnerability in June 2023.
For more details, contact the developer.
Description
Some of the Windows kernel drivers provided by Phoenix Technologies Inc. is vulnerable to insufficient access control on its IOCTL (CWE-782, CVE-2023-35841).
Impact
By sending a specific IOCTL request, an attacker without the administrator privilege for the product may perform I/O to any hardware port or physical address, resulting in erasing or altering of the firmware.
Solution
Contact the developer
According to the developer, a patched driver was provided to the users who may be affected by this vulnerability in June 2023.
For more details, contact the developer.
Vendor Status
| Vendor | Link |
| Phoenix Technologies Inc. | Support |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
Credit
Takahiro Haruyama of VMware reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.