Skip to content
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
WindowsKernelVuln/CVE-2023-1487/
WindowsKernelVuln/CVE-2023-1487/

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
bin
 
 
 
 

Wise System Monitor, WiseHDInfo64.dll, DoS

Vulnerability Info

Version

Impact

Denial of Service

Description

From IoControlCode 0x9C40208C, 0x9C402000, 0x9C402084, 0x9C402088, 0x9C402004, 0x9C4060C4, 0x9C4060CC, 0x9C4060D0, 0x9C4060D4, 0x9C40A0DC, 0x9C40A0D8, 0x9C40A0DC, and 0x9C40A0E0, a normal user can cause DoS due to the lack of validating SystemBuffer.

Reproduce

In the attached file DoS1.zip, there are DoS1.exe, DoS1.cpp, WSMSetup_1.5.3.127.exe, and WiseHDInfo64.dll(which in fact a .sys). DoS1.exe is the PoC to cause DoS where WSMSetup_1.5.3.127.exe which contains the vulnerable driver WiseHDInfo64.dll is installed, and DoS1.cpp is the source code of DoS1.exe. To reproduce the issue, install WSMSetup_1.5.3.127.exe and execute DoS1.exe. It is expected that the system will crash (BSOD) once DoS1.exe is executed. Password for attachment: DoS1 https://drive.google.com/file/d/1zk_ErtD34TBnQu8VGTUZKQpGGVDaUR1y/view?usp=sharing