Skip to content
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
WindowsKernelVuln/CVE-2023-1007/
WindowsKernelVuln/CVE-2023-1007/

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
bin
 
 
 
 

Twister Antivirus, filmfd.sys, Arbitrary File Operation

Vulnerability Info

Version

Impact

Arbitrary File Operation

Description

From IoControlCode 0x801120E4, a normal user can create, read, and write arbitrary file due to the lack of access control.

Reproduce

In the attached file ArbitraryFileOperation.zip, there are ArbitraryFileOperation.exe, ArbitraryFileOperation.cpp, twister8_setup.exe, and filmfd.sys. ArbitraryFileOperation.exe is the PoC to create, read, and write arbitrary file where twister8_setup.exe which contains the vulnerable driver filmfd.sys is installed, and ArbitraryFileOperation.cpp is the source code of ArbitraryFileOperation.exe. To reproduce the issue, just install twister8_setup.exe and execute ArbitraryFileOperation.exe. It is expected that C:\Windows\haha.txt will be created once ArbitraryFileOperation.exe is executed. ArbitraryFileOperation.zip