{"uuid": "ea1e2c6b-dcc8-473a-8e78-b23da551dccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35250", "type": "seen", "source": "https://t.me/hackingbra/211", "content": "Exploit for Windows Kernel-Mode Driver Elevation of Privilege Flaw (CVE-2024-35250)\n\nThe vulnerability lies within the handling of property requests in the ks.sys driver. Specifically, when the KSPROPERTY_TYPE_UNSERIALIZESET flag is provided, a series of operations can be initiated that ultimately lead to arbitrary IOCTL calls. During this process, the user-supplied buffer is copied into a newly allocated space and executed without proper validation.", "creation_timestamp": "2024-10-15T19:03:54.000000Z"}