Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for flexihub by electronic

    CVE-2023-2872 (GCVE-0-2023-2872)

    Vulnerability from nvd – Published: 2023-05-24 18:00 – Updated: 2024-08-02 06:33
    VLAI
    Title
    FlexiHub IoControlCode fusbhub.sys 0x220088 null pointer dereference
    Summary
    A vulnerability classified as problematic has been found in FlexiHub 5.5.14691.0. This affects the function 0x220088 in the library fusbhub.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229851. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a FlexiHub Affected: 5.5.14691.0
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:33:06.150Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.229851"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.229851"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/blob/master/CVE-2023-2872"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1h-7fnmb31bkEW4FoLNDlneftDqS4TQHT/view?usp=sharing"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IoControlCode Handler"
              ],
              "product": "FlexiHub",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.5.14691.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as problematic has been found in FlexiHub 5.5.14691.0. This affects the function 0x220088 in the library fusbhub.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229851. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in FlexiHub 5.5.14691.0 entdeckt. Sie wurde als problematisch eingestuft. Hiervon betroffen ist die Funktion 0x220088 in der Bibliothek fusbhub.sys der Komponente IoControlCode Handler. Mittels Manipulieren mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T06:59:58.107Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.229851"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.229851"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/blob/master/CVE-2023-2872"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1h-7fnmb31bkEW4FoLNDlneftDqS4TQHT/view?usp=sharing"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-24T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-06-17T09:28:56.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "FlexiHub IoControlCode fusbhub.sys 0x220088 null pointer dereference"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2872",
        "datePublished": "2023-05-24T18:00:04.078Z",
        "dateReserved": "2023-05-24T17:14:48.366Z",
        "dateUpdated": "2024-08-02T06:33:06.150Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2872 (GCVE-0-2023-2872)

    Vulnerability from cvelistv5 – Published: 2023-05-24 18:00 – Updated: 2024-08-02 06:33
    VLAI
    Title
    FlexiHub IoControlCode fusbhub.sys 0x220088 null pointer dereference
    Summary
    A vulnerability classified as problematic has been found in FlexiHub 5.5.14691.0. This affects the function 0x220088 in the library fusbhub.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229851. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a FlexiHub Affected: 5.5.14691.0
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:33:06.150Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.229851"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.229851"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/blob/master/CVE-2023-2872"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1h-7fnmb31bkEW4FoLNDlneftDqS4TQHT/view?usp=sharing"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IoControlCode Handler"
              ],
              "product": "FlexiHub",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.5.14691.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as problematic has been found in FlexiHub 5.5.14691.0. This affects the function 0x220088 in the library fusbhub.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229851. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in FlexiHub 5.5.14691.0 entdeckt. Sie wurde als problematisch eingestuft. Hiervon betroffen ist die Funktion 0x220088 in der Bibliothek fusbhub.sys der Komponente IoControlCode Handler. Mittels Manipulieren mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-23T06:59:58.107Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.229851"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.229851"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/blob/master/CVE-2023-2872"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1h-7fnmb31bkEW4FoLNDlneftDqS4TQHT/view?usp=sharing"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-05-24T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-05-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-06-17T09:28:56.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "FlexiHub IoControlCode fusbhub.sys 0x220088 null pointer dereference"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-2872",
        "datePublished": "2023-05-24T18:00:04.078Z",
        "dateReserved": "2023-05-24T17:14:48.366Z",
        "dateUpdated": "2024-08-02T06:33:06.150Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }