Security Advisory

CVE-2024-36056

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-26 22:50:09

Last updated 2025-02-13 15:59:14

Assigner mitre

State PUBLISHED

Description

Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily map physical memory via IOCTL 0x9c406490 (for IoAllocateMdl, MmBuildMdlForNonPagedPool, and MmMapLockedPages), leading to NT AUTHORITYSYSTEM privilege escalation.

← Browse all CVEs View on cve.org ↗