Description
Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability. The 0x22200B IOCTL code of the Vba32m64.sys driver allows to read up to 0x802 of memory from ar arbitrary user-supplied pointer.
CVSS Metrics
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
- Attack Vector
- local
- Complexity
- low
- Privileges
- low
- User Action
- none
- Scope
- unchanged
- Confidentiality
- high
- Integrity
- none
- Availability
- high
- Weaknesses
- CWE-125
Metadata
- Primary Vendor
- ANTI-VIRUS
- Published
- 2/13/2024
- Last Modified
- 5/19/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
anti-virus : vba32
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.