CVE-2018-5701
UnknownEPSS 18.45%
Last modified
CVE-2018-5701 is a vulnerability of currently unknown severity. In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.. EPSS estimates a 18.45% chance of exploitation in the next 30 days.
Description
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Iolo | System Shield | 5.0.0.136 |
References
- http://packetstormsecurity.com/files/146165/System-Shield-5.0.0.136-Privilege-Escalation.htmlThird Party Advisory, VDB Entry
- https://www.exploit-db.com/exploits/43929/Third Party Advisory, VDB Entry
- https://www.greyhathacker.net/?p=1006Exploit, Third Party Advisory
- http://packetstormsecurity.com/files/146165/System-Shield-5.0.0.136-Privilege-Escalation.htmlThird Party Advisory, VDB Entry
- https://www.exploit-db.com/exploits/43929/Third Party Advisory, VDB Entry
- https://www.greyhathacker.net/?p=1006Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-5701?
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
How severe is CVE-2018-5701?
Severity scoring for CVE-2018-5701 is pending analysis. The EPSS model estimates a 18.45% probability of exploitation in the next 30 days.
How do I fix CVE-2018-5701?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2018-5701?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST