CVE-2018-15738

MEDIUM

STOPzilla AntiMalware 6.5.2.59 - Arbitrary Write via IOCtl 0x8000205F

Title source: llm
STIX 2.1

Description

An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000205F.

References (2)

Core 2
Core References
Third Party Advisory x_refsource_misc
https://www.greyhathacker.net
Exploit, Third Party Advisory x_refsource_misc
https://www.greyhathacker.net/?p=1025

Scores

CVSS v3 5.5
EPSS 0.0045
EPSS Percentile 36.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-20
Status published
Products (1)
stopzilla/antimalware 6.5.2.59
Published Jul 09, 2019
Tracked Since Feb 18, 2026