CVE-2018-15732

MEDIUM

STOPzilla AntiMalware 6.5.2.59 - Arbitrary Write via szkg64.sys IOCtl 0x80002063

Title source: llm
STIX 2.1

Description

An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x80002063.

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.greyhathacker.net
Exploit, Third Party Advisory x_refsource_misc
https://www.greyhathacker.net/?p=1025

Scores

CVSS v3 5.5
EPSS 0.0047
EPSS Percentile 37.6%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-20
Status published
Products (1)
stopzilla/antimalware 6.5.2.59
Published Jun 21, 2019
Tracked Since Feb 18, 2026