CVE-2022-45770

HIGH

Adguard < 7.12 - Local Privilege Escalation via Improper Input Validation in adgnetworkwfpdrv.sys

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-45770. PoCs published by Marsel-marsel.

AI-analyzed exploit summary This exploit targets CVE-2022-45770, a vulnerability in Adguard's driver allowing arbitrary kernel memory writes via IOCTL abuse. It leverages pool spraying and handle manipulation to achieve local privilege escalation (LPE).

Description

Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation.

Exploits (1)

nomisec WORKING POC 8 stars
by Marsel-marsel · poc
https://github.com/Marsel-marsel/CVE-2022-45770

This exploit targets CVE-2022-45770, a vulnerability in Adguard's driver allowing arbitrary kernel memory writes via IOCTL abuse. It leverages pool spraying and handle manipulation to achieve local privilege escalation (LPE).

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Adguard for Windows (driver CtrlSM_Protected2adgnetworkwfpdrv)
No auth needed
Prerequisites: Adguard installed with vulnerable driver · Unprivileged user access
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Scores

CVSS v3 7.8
EPSS 0.0061
EPSS Percentile 45.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-20
Status published
Products (1)
adguard/adguard < 7.12
Published Jan 26, 2023
Tracked Since Feb 18, 2026