Vir.IT eXplorer, VIRAGTLT.sys, DoS
Vulnerability Info
Version
- Vir.IT eXplorer 9.4.86.0, VIRAGTLT.sys 1.86.0.0
- https://www.tgsoft.it/
Impact
Denial of Service
Description
From IoControlCode 0x82730088, a normal user can cause DoS due to the lack of validating SystemBuffer.
Reproduce
In the attached file DoS.zip, there are DoS.exe, DoS.cpp, vnlt9486.exe, and VIRAGTLT.sys. DoS.exe is the PoC to cause BSOD where vnlt9486.exe which contains the vulnerable driver VIRAGTLT.sys is installed, and DoS.cpp is the source code of DoS.exe. To reproduce the issue, install vnlt9486.exe and execute DoS.exe. The system is expected to crash (BSOD) once DoS.exe is executed. DoS.zip