CVE-2024-33226

CRITICAL

Wistron Corporation TBT Force Power Control <1.0.0.0 - Privilege Es...

Title source: llm

Description

An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

References (1)

Core 1

Core References

Various Sources

https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33226

View Writeup ZIP pw:eip

Scores

CVSS v3 9.9

EPSS 0.0044

EPSS Percentile 34.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Published May 22, 2024

Tracked Since Feb 18, 2026