6.8
CVE-2025-0221
- EPSS 0.35%
- Veröffentlicht 05.01.2025 15:15:17
- Zuletzt bearbeitet 23.01.2025 17:52:39
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
LoginIOBit Protected Folder IOCTL pffilter.sys 0x22200c null pointer dereference
A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
I0bit ≫ Protected Folder Version <= 1.3.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.35% | 0.266 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| cna@vuldb.com | 6.8 | 0 | 0 |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| cna@vuldb.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| cna@vuldb.com | 4.6 | 3.1 | 6.9 |
AV:L/AC:L/Au:S/C:N/I:N/A:C
|
CWE-404 Improper Resource Shutdown or Release
The product does not release or incorrectly releases a resource before it is made available for re-use.
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://shareforall.notion.site/IOBit-Protected-Folder-pffilter-0x22200C-NPD-DOS-15260437bb1e80b2a477d42396d5d06c
https://vuldb.com/?ctiid.290200
https://vuldb.com/?id.290200
https://vuldb.com/?submit.466955