CVE-2021-47789

HIGH

Yenkee Yms 3029 Firmware - Out-of-Bounds Write

Title source: rule

Description

Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. Attackers can exploit the driver by sending a 2000-byte buffer through DeviceIoControl to trigger a kernel-level system crash.

Exploits (1)

exploitdb WORKING POC

by Quadron Research Lab · pythondoswindows

https://www.exploit-db.com/exploits/50311

View Code ZIP pw:eip

References (4)

[Exploit] https://github.com/Quadron-Research-Lab/Kernel_Driver_bugs/tree/main/GM312Fltr

[Exploit] https://www.exploit-db.com/exploits/50311

[Third Party Advisory] https://www.vulncheck.com/advisories/yenkee-hornet-gaming-mouse-gmfltrsys-denial-of-service-poc

[Product] https://www.yenkee.eu/

Scores

CVSS v3 7.5

EPSS 0.0001

EPSS Percentile 2.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-787 CWE-121

Status published

Products (2)

Yenkee/Yenkee Hornet Gaming Mouse all version

yenkee/yms_3029_firmware

Published Jan 16, 2026

Tracked Since Feb 18, 2026