CVE-2011-0513

SecurStar DriveCrypt <= 5.4 - Local Privilege Escalation via DCR.sys IOCTL 0x00073800

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-0513. PoCs published by mu-b.

AI-analyzed exploit summary This exploit targets a local kernel vulnerability in DriveCrypt <= 5.3 (CVE-2011-0513) to achieve privilege escalation by manipulating the DCR.sys driver via a crafted IOCTL request. It includes shellcode to switch tokens between processes, granting SYSTEM privileges.

Description

DCR.sys driver in SecurStar DriveCrypt 5.4, 5.3, and earlier allows local users to execute arbitrary code via a crafted argument to the 0x00073800 IOCTL.

Exploits (1)

exploitdb WORKING POC
by mu-b · clocalwindows
https://www.exploit-db.com/exploits/15972

This exploit targets a local kernel vulnerability in DriveCrypt <= 5.3 (CVE-2011-0513) to achieve privilege escalation by manipulating the DCR.sys driver via a crafted IOCTL request. It includes shellcode to switch tokens between processes, granting SYSTEM privileges.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: DriveCrypt <= 5.3
No auth needed
Prerequisites: Local access to the system · DriveCrypt <= 5.3 installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/70426
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/45750
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/15972
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0084
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42881

Scores

EPSS 0.0097
EPSS Percentile 57.3%

Details

CWE
CWE-20
Status published
Products (6)
securstar/drivecrypt 4.6
securstar/drivecrypt 4.61
securstar/drivecrypt 5.0
securstar/drivecrypt 5.1
securstar/drivecrypt 5.3
securstar/drivecrypt < 5.4
Published Jan 20, 2011
Tracked Since Feb 18, 2026