Search criteria
3 vulnerabilities found for wise_force_deleter by wisecleaner
FKIE_CVE-2023-1486
Vulnerability from fkie_nvd - Published: 2023-03-18 21:15 - Updated: 2024-11-21 07:39
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372.
References
| URL | Tags | ||
|---|---|---|---|
| cna@vuldb.com | https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view | Exploit | |
| cna@vuldb.com | https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486 | Exploit, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?ctiid.223372 | Permissions Required, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?id.223372 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?ctiid.223372 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.223372 | Permissions Required, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wisecleaner | wise_force_deleter | 1.5.3.54 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wisecleaner:wise_force_deleter:1.5.3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "9A456B6E-E9C7-4FC1-94CC-55B7DEBDAA4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372."
}
],
"id": "CVE-2023-1486",
"lastModified": "2024-11-21T07:39:17.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-18T21:15:11.377",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Exploit"
],
"url": "https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?ctiid.223372"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.223372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?ctiid.223372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.223372"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
}
CVE-2023-1486 (GCVE-0-2023-1486)
Vulnerability from cvelistv5 – Published: 2023-03-18 20:31 – Updated: 2024-08-02 05:49
VLAI?
Title
Lespeed WiseCleaner Wise Force Deleter IoControlCode WiseUnlock64.sys 0x220004 access control
Summary
A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372.
Severity ?
4.4 (Medium)
4.4 (Medium)
CWE
- CWE-284 - Improper Access Controls
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lespeed | WiseCleaner Wise Force Deleter |
Affected:
1.5.3.54
|
Credits
Zeze7w (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:49:11.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.223372"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.223372"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"IoControlCode Handler"
],
"product": "WiseCleaner Wise Force Deleter",
"vendor": "Lespeed",
"versions": [
{
"status": "affected",
"version": "1.5.3.54"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "Zeze7w (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372."
},
{
"lang": "de",
"value": "In Lespeed WiseCleaner Wise Force Deleter 1.5.3.54 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Betroffen ist die Funktion 0x220004 in der Bibliothek WiseUnlock64.sys der Komponente IoControlCode Handler. Mittels Manipulieren mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.2,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-21T09:26:43.169Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.223372"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.223372"
},
{
"tags": [
"related"
],
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-03-18T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-03-18T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-03-18T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-04-11T18:35:31.000Z",
"value": "VulDB entry last update"
}
],
"title": "Lespeed WiseCleaner Wise Force Deleter IoControlCode WiseUnlock64.sys 0x220004 access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-1486",
"datePublished": "2023-03-18T20:31:04.640Z",
"dateReserved": "2023-03-18T20:02:45.749Z",
"dateUpdated": "2024-08-02T05:49:11.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1486 (GCVE-0-2023-1486)
Vulnerability from nvd – Published: 2023-03-18 20:31 – Updated: 2024-08-02 05:49
VLAI?
Title
Lespeed WiseCleaner Wise Force Deleter IoControlCode WiseUnlock64.sys 0x220004 access control
Summary
A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372.
Severity ?
4.4 (Medium)
4.4 (Medium)
CWE
- CWE-284 - Improper Access Controls
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lespeed | WiseCleaner Wise Force Deleter |
Affected:
1.5.3.54
|
Credits
Zeze7w (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:49:11.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.223372"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.223372"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"IoControlCode Handler"
],
"product": "WiseCleaner Wise Force Deleter",
"vendor": "Lespeed",
"versions": [
{
"status": "affected",
"version": "1.5.3.54"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "Zeze7w (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372."
},
{
"lang": "de",
"value": "In Lespeed WiseCleaner Wise Force Deleter 1.5.3.54 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Betroffen ist die Funktion 0x220004 in der Bibliothek WiseUnlock64.sys der Komponente IoControlCode Handler. Mittels Manipulieren mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.2,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-21T09:26:43.169Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.223372"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.223372"
},
{
"tags": [
"related"
],
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-03-18T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-03-18T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-03-18T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-04-11T18:35:31.000Z",
"value": "VulDB entry last update"
}
],
"title": "Lespeed WiseCleaner Wise Force Deleter IoControlCode WiseUnlock64.sys 0x220004 access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-1486",
"datePublished": "2023-03-18T20:31:04.640Z",
"dateReserved": "2023-03-18T20:02:45.749Z",
"dateUpdated": "2024-08-02T05:49:11.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}