Common Weakness Enumeration

CWE-782

Allowed

Exposed IOCTL with Insufficient Access Control

Abstraction: Variant · Status: Draft

The product implements an IOCTL with functionality that should be restricted, but it does not properly enforce access control for the IOCTL.

50 vulnerabilities reference this CWE, most recent first.

GHSA-9CV5-2H9V-98P5

Vulnerability from github – Published: 2026-07-07 18:30 – Updated: 2026-07-07 18:30
VLAI
Details

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator privileges. Attackers can exploit the accessible device object through IOCTL handlers to manipulate kernel objects, tamper with kernel-mode callbacks, bypass Protected Process Light protections, and disable security software.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-57851"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-782"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-07T17:16:36Z",
    "severity": "HIGH"
  },
  "details": "MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator privileges. Attackers can exploit the accessible device object through IOCTL handlers to manipulate kernel objects, tamper with kernel-mode callbacks, bypass Protected Process Light protections, and disable security software.",
  "id": "GHSA-9cv5-2h9v-98p5",
  "modified": "2026-07-07T18:30:44Z",
  "published": "2026-07-07T18:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-57851"
    },
    {
      "type": "WEB",
      "url": "https://github.com/readmsr/MSI_FeatureManager_CVE"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/msi-gamegaraj-kerncorelib64-sys-privilege-escalation-via-ioctl-handlers"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-9FQ9-VH4P-342C

Vulnerability from github – Published: 2026-04-08 09:31 – Updated: 2026-04-08 09:31
VLAI
Details

An exposed IOCTL with an  insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers. The affected utility, MxGeneralIo, exposes IOCTL methods that permit direct read and write access to MSR and system memory. A local attacker with high privileges could abuse these interfaces to perform unauthorized operations. Successful exploitation may result in privilege escalation on Windows 7 systems or cause a system crash (BSoD) on Windows 10 and 11 systems, leading to a denial-of-service condition. The vulnerability could slightly affect the confidentiality and integrity of the device, but availability might be heavily impacted. No impact to the subsequent system has been identified.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4483"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-782"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-08T08:16:24Z",
    "severity": "HIGH"
  },
  "details": "An exposed IOCTL with an\u00a0 insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa\u2019s industrial x86 computers.\u00a0The affected utility, MxGeneralIo, exposes IOCTL methods that permit direct read and write access to MSR and system memory.\u00a0A local attacker with high privileges could abuse these interfaces to perform unauthorized operations.\u00a0Successful exploitation may result in privilege escalation on Windows 7 systems or cause a system crash (BSoD) on Windows 10 and 11 systems, leading to a denial-of-service condition.\u00a0The vulnerability could slightly affect the confidentiality and integrity of the device, but availability might be heavily impacted.\u00a0No impact to the subsequent system has been identified.",
  "id": "GHSA-9fq9-vh4p-342c",
  "modified": "2026-04-08T09:31:31Z",
  "published": "2026-04-08T09:31:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4483"
    },
    {
      "type": "WEB",
      "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-254811-cve-2026-4483-exposed-ioctl-with-insufficient-access-control-vulnerability-in-the-utility-for-x86-computers"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-C8H5-GMVF-FXHW

Vulnerability from github – Published: 2024-05-22 15:31 – Updated: 2024-08-01 15:31
VLAI
Details

An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-33218"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-782"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-22T15:15:28Z",
    "severity": "HIGH"
  },
  "details": "An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.",
  "id": "GHSA-c8h5-gmvf-fxhw",
  "modified": "2024-08-01T15:31:45Z",
  "published": "2024-05-22T15:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33218"
    },
    {
      "type": "WEB",
      "url": "https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33218"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CX9M-X7W8-76M2

Vulnerability from github – Published: 2024-05-22 15:31 – Updated: 2024-08-15 18:31
VLAI
Details

An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-33220"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-782"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-22T15:15:28Z",
    "severity": "HIGH"
  },
  "details": "An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.",
  "id": "GHSA-cx9m-x7w8-76m2",
  "modified": "2024-08-15T18:31:43Z",
  "published": "2024-05-22T15:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33220"
    },
    {
      "type": "WEB",
      "url": "https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33220"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CXM7-54MF-PWWG

Vulnerability from github – Published: 2026-06-26 06:30 – Updated: 2026-06-26 06:30
VLAI
Details

An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code could be executed with SYSTEM privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-8797"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-782"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-26T05:16:31Z",
    "severity": "HIGH"
  },
  "details": "An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code could be executed with SYSTEM privileges.",
  "id": "GHSA-cxm7-54mf-pwwg",
  "modified": "2026-06-26T06:30:33Z",
  "published": "2026-06-26T06:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8797"
    },
    {
      "type": "WEB",
      "url": "https://jpn.nec.com/security-info/secinfo/nv26-004_en.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-F3W2-7G86-VJJ4

Vulnerability from github – Published: 2024-07-01 21:31 – Updated: 2024-07-11 15:30
VLAI
Details

An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39251"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-782"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-01T19:15:05Z",
    "severity": "CRITICAL"
  },
  "details": "An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests.",
  "id": "GHSA-f3w2-7g86-vjj4",
  "modified": "2024-07-11T15:30:43Z",
  "published": "2024-07-01T21:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39251"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Souhardya/Exploit-PoCs/tree/main/ThundeRobot_Control_center"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F8P7-VVXP-HCXV

Vulnerability from github – Published: 2025-08-06 12:31 – Updated: 2025-08-06 12:31
VLAI
Details

ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections. ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-7771"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-782"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-06T10:15:35Z",
    "severity": "HIGH"
  },
  "details": "ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections.\u00a0ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions.",
  "id": "GHSA-f8p7-vvxp-hcxv",
  "modified": "2025-08-06T12:31:20Z",
  "published": "2025-08-06T12:31:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7771"
    },
    {
      "type": "WEB",
      "url": "https://github.com/klsecservices/Advisories/blob/master/K-TechPowerUp-2025-001.md"
    },
    {
      "type": "WEB",
      "url": "https://securelist.com/av-killer-exploiting-throttlestop-sys/117026"
    },
    {
      "type": "WEB",
      "url": "https://www.techpowerup.com/download/techpowerup-throttlestop"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-FFVH-2C66-6XGP

Vulnerability from github – Published: 2024-06-25 06:30 – Updated: 2024-06-25 06:30
VLAI
Details

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-4196"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-782"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-25T04:15:16Z",
    "severity": "CRITICAL"
  },
  "details": "An improper input validation vulnerability  was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1.",
  "id": "GHSA-ffvh-2c66-6xgp",
  "modified": "2024-06-25T06:30:39Z",
  "published": "2024-06-25T06:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4196"
    },
    {
      "type": "WEB",
      "url": "https://download.avaya.com/css/public/documents/101090768"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FPMF-FC9X-9W73

Vulnerability from github – Published: 2024-05-22 15:31 – Updated: 2024-08-01 15:31
VLAI
Details

An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-33221"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-782"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-22T15:15:28Z",
    "severity": "HIGH"
  },
  "details": "An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.",
  "id": "GHSA-fpmf-fc9x-9w73",
  "modified": "2024-08-01T15:31:45Z",
  "published": "2024-05-22T15:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33221"
    },
    {
      "type": "WEB",
      "url": "https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33221"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FVF2-H9V7-HP42

Vulnerability from github – Published: 2024-04-27 00:30 – Updated: 2024-08-22 21:31
VLAI
Details

An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-30804"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-782"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-26T22:15:08Z",
    "severity": "CRITICAL"
  },
  "details": "An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests.",
  "id": "GHSA-fvf2-h9v7-hp42",
  "modified": "2024-08-22T21:31:28Z",
  "published": "2024-04-27T00:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30804"
    },
    {
      "type": "WEB",
      "url": "https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-30804"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

In Windows environments, use proper access control for the associated device or device namespace. See References.

No CAPEC attack patterns related to this CWE.