CVE-2025-52347

HIGH

PassMark BurnInTest 11.0 Build 1011 - Privilege Escalation

Title source: llm

Description

An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 Build 1004 allows attackers to access kernel memory and escalate privileges via a crafted IOCTL 0x8011E044 call.

References (4)

Core 4

Core References

https://www.passmark.com/products/performancetest/history.php

https://www.osforensics.com/whats-new.html

https://www.passmark.com/products/burnintest/history.php

https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2025-52347

View Writeup ZIP pw:eip

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 5.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-20 CWE-269

Status published

Published May 01, 2026

Tracked Since May 02, 2026