CVE-2022-45770
HIGHAdguard < 7.12 - Local Privilege Escalation via Improper Input Validation in adgnetworkwfpdrv.sys
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2022-45770. PoCs published by Marsel-marsel.
AI-analyzed exploit summary This exploit targets CVE-2022-45770, a vulnerability in Adguard's driver allowing arbitrary kernel memory writes via IOCTL abuse. It leverages pool spraying and handle manipulation to achieve local privilege escalation (LPE).
Description
Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation.
Exploits (1)
nomisec
WORKING POC
8 stars
by Marsel-marsel · poc
https://github.com/Marsel-marsel/CVE-2022-45770
This exploit targets CVE-2022-45770, a vulnerability in Adguard's driver allowing arbitrary kernel memory writes via IOCTL abuse. It leverages pool spraying and handle manipulation to achieve local privilege escalation (LPE).
Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target:
Adguard for Windows (driver CtrlSM_Protected2adgnetworkwfpdrv)
No auth needed
Prerequisites:
Adguard installed with vulnerable driver · Unprivileged user access
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
References (4)
Core 4
Core References
Various Sources
https://hackmag.com/security/aguard-cve/
Various Sources
https://xakep.ru/2023/01/27/aguard-cve/
Patch, Release Notes, Vendor Advisory
https://adguard.com/en/versions/windows/release.html#version-71140780
Tool Signature
https://github.com/Marsel-marsel/CVE-2022-45770
Scores
CVSS v3
7.8
EPSS
0.0061
EPSS Percentile
45.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-20
Status
published
Products (1)
adguard/adguard
< 7.12
Published
Jan 26, 2023
Tracked Since
Feb 18, 2026