CVE-2023-1444 (GCVE-0-2023-1444)
Vulnerability from cvelistv5 – Published: 2023-03-17 06:33 – Updated: 2025-02-26 14:53
VLAI?
Title
Filseclab Twister Antivirus IoControlCode fildds.sys 0x8011206B denial of service
Summary
A vulnerability was found in Filseclab Twister Antivirus 8. It has been rated as critical. This issue affects the function 0x8011206B in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223289 was assigned to this vulnerability.
Severity ?
7.5 (High)
7.5 (High)
CWE
- CWE-404 - Denial of Service
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Filseclab | Twister Antivirus |
Affected:
8
|
Credits
Zeze7w (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:49:11.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.223289"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.223289"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1444"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://drive.google.com/file/d/1KrkezTwgmt5CnhzlyyWVNLIAeiMvuDEr/view"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1444",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T14:53:06.054001Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T14:53:46.761Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"IoControlCode Handler"
],
"product": "Twister Antivirus",
"vendor": "Filseclab",
"versions": [
{
"status": "affected",
"version": "8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "Zeze7w (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Filseclab Twister Antivirus 8. It has been rated as critical. This issue affects the function 0x8011206B in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223289 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in Filseclab Twister Antivirus 8 ausgemacht. Sie wurde als kritisch eingestuft. Hierbei geht es um die Funktion 0x8011206B in der Bibliothek fildds.sys der Komponente IoControlCode Handler. Dank der Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-21T08:52:33.040Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.223289"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.223289"
},
{
"tags": [
"related"
],
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1444"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1KrkezTwgmt5CnhzlyyWVNLIAeiMvuDEr/view"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-03-17T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-03-17T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-03-17T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-04-11T09:38:17.000Z",
"value": "VulDB entry last update"
}
],
"title": "Filseclab Twister Antivirus IoControlCode fildds.sys 0x8011206B denial of service"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-1444",
"datePublished": "2023-03-17T06:33:20.430Z",
"dateReserved": "2023-03-17T06:33:05.214Z",
"dateUpdated": "2025-02-26T14:53:46.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:filseclab:twister_antivirus:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E731869E-4FB3-4858-AAD7-996B106E0543\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability was found in Filseclab Twister Antivirus 8. It has been rated as critical. This issue affects the function 0x8011206B in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223289 was assigned to this vulnerability.\"}]",
"id": "CVE-2023-1444",
"lastModified": "2024-11-21T07:39:11.957",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"cna@vuldb.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"cna@vuldb.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2023-03-17T07:15:11.083",
"references": "[{\"url\": \"https://drive.google.com/file/d/1KrkezTwgmt5CnhzlyyWVNLIAeiMvuDEr/view\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1444\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://vuldb.com/?ctiid.223289\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://vuldb.com/?id.223289\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://drive.google.com/file/d/1KrkezTwgmt5CnhzlyyWVNLIAeiMvuDEr/view\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1444\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://vuldb.com/?ctiid.223289\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://vuldb.com/?id.223289\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cna@vuldb.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-404\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-476\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-1444\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2023-03-17T07:15:11.083\",\"lastModified\":\"2024-11-21T07:39:11.957\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in Filseclab Twister Antivirus 8. It has been rated as critical. This issue affects the function 0x8011206B in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223289 was assigned to this vulnerability.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-404\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:filseclab:twister_antivirus:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E731869E-4FB3-4858-AAD7-996B106E0543\"}]}]}],\"references\":[{\"url\":\"https://drive.google.com/file/d/1KrkezTwgmt5CnhzlyyWVNLIAeiMvuDEr/view\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1444\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://vuldb.com/?ctiid.223289\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://vuldb.com/?id.223289\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://drive.google.com/file/d/1KrkezTwgmt5CnhzlyyWVNLIAeiMvuDEr/view\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1444\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://vuldb.com/?ctiid.223289\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://vuldb.com/?id.223289\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2023-10-21T08:52:33.040Z\"}, \"title\": \"Filseclab Twister Antivirus IoControlCode fildds.sys 0x8011206B denial of service\", \"problemTypes\": [{\"descriptions\": [{\"type\": \"CWE\", \"cweId\": \"CWE-404\", \"lang\": \"en\", \"description\": \"CWE-404 Denial of Service\"}]}], \"affected\": [{\"vendor\": \"Filseclab\", \"product\": \"Twister Antivirus\", \"versions\": [{\"version\": \"8\", \"status\": \"affected\"}], \"modules\": [\"IoControlCode Handler\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability was found in Filseclab Twister Antivirus 8. It has been rated as critical. This issue affects the function 0x8011206B in the library fildds.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223289 was assigned to this vulnerability.\"}, {\"lang\": \"de\", \"value\": \"Eine Schwachstelle wurde in Filseclab Twister Antivirus 8 ausgemacht. Sie wurde als kritisch eingestuft. Hierbei geht es um die Funktion 0x8011206B in der Bibliothek fildds.sys der Komponente IoControlCode Handler. Dank der Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \\u00fcber das Netzwerk. Der Exploit steht zur \\u00f6ffentlichen Verf\\u00fcgung.\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.5, \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseSeverity\": \"HIGH\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 7.5, \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseSeverity\": \"HIGH\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 7.8, \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\"}}], \"timeline\": [{\"time\": \"2023-03-17T00:00:00.000Z\", \"lang\": \"en\", \"value\": \"Advisory disclosed\"}, {\"time\": \"2023-03-17T00:00:00.000Z\", \"lang\": \"en\", \"value\": \"CVE reserved\"}, {\"time\": \"2023-03-17T01:00:00.000Z\", \"lang\": \"en\", \"value\": \"VulDB entry created\"}, {\"time\": \"2023-04-11T09:38:17.000Z\", \"lang\": \"en\", \"value\": \"VulDB entry last update\"}], \"credits\": [{\"lang\": \"en\", \"value\": \"Zeze7w (VulDB User)\", \"type\": \"analyst\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.223289\", \"tags\": [\"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://vuldb.com/?ctiid.223289\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1444\", \"tags\": [\"related\"]}, {\"url\": \"https://drive.google.com/file/d/1KrkezTwgmt5CnhzlyyWVNLIAeiMvuDEr/view\", \"tags\": [\"exploit\"]}]}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T05:49:11.414Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://vuldb.com/?id.223289\", \"tags\": [\"vdb-entry\", \"technical-description\", \"x_transferred\"]}, {\"url\": \"https://vuldb.com/?ctiid.223289\", \"tags\": [\"signature\", \"permissions-required\", \"x_transferred\"]}, {\"url\": \"https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1444\", \"tags\": [\"related\", \"x_transferred\"]}, {\"url\": \"https://drive.google.com/file/d/1KrkezTwgmt5CnhzlyyWVNLIAeiMvuDEr/view\", \"tags\": [\"exploit\", \"x_transferred\"]}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-1444\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-26T14:53:06.054001Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-26T14:53:13.408Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2023-1444\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"VulDB\", \"dateReserved\": \"2023-03-17T06:33:05.214Z\", \"datePublished\": \"2023-03-17T06:33:20.430Z\", \"dateUpdated\": \"2025-02-26T14:53:46.761Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…