Security Advisory

CVE-2020-13523

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-04 19:02:11
Last updated 2024-08-04 12:18:18
Assigner talos
State PUBLISHED

Description

An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability.