Home > Vulnerability Database > CVE-2024-10972

Mend.io Vulnerability Database

CVE-2024-10972

Date: December 16, 2024

Velocidex WinPmem versions below 4.1 suffer from an Improper Input Validation vulnerability whereby an attacker can directly communicate with the driver by accessing the "\\.\pmem" device. From that point, it is possible to communicate with the driver via regular device operations, starting with a system of IOCTLs. To send specific orders to the driver, one can use IRP_MJ_DEVICE_CONTROL control code. This issue is remediated in version 4.1.

Language: C

Severity Score

7.3

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-10972

Url: https://github.com/Velocidex/WinPmem/releases/tag/v4.1.dev1

Url: https://www.mend.io/vulnerability-database/CVE-2024-10972

Severity Score

7.3

Weakness Type (CWE)

Improper Input Validation

CWE-20

Time-of-check Time-of-use (TOCTOU) Race Condition

CWE-367

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-10972

Date: December 16, 2024

Language: C

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?