Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
High

CVE-2021-41285

Disclosure Date: October 04, 2021 (last updated October 07, 2023)
Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapIoSpace function call (mapping physical memory into a virtual address space). Attackers could exploit this issue to achieve local privilege escalation to NT AUTHORITY\SYSTEM.