Twister Antivirus v8.17 - DoS
5,5
Medium
Discovered by
Offensive Team, Fluid Attacks
Summary
Full name
Twister Antivirus v8.17 - Denial of Service
Code name
State
Public
Release date
6 feb 2024
Affected product
Twister Antivirus
Vendor
Filseclab
Affected version(s)
Version 8.17
Vulnerability name
Denial of Service (DoS)
Vulnerability type
Remotely exploitable
No
CVSS v3.0 vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS v3.0 base score
5.5
Exploit available
Yes
CVE ID(s)
Description
Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112067, 0x801120CB 0x801120CC 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F, 0x80112073, 0x80112077, 0x80112078, 0x8011207C and 0x80112080 IOCTL codes of the fildds.sys driver.
Vulnerability
The 0x80112067, 0x801120CB 0x801120CC 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F, 0x80112073, 0x80112077, 0x80112078, 0x8011207C and 0x80112080 IOCTL code of the fildds.sys driver allows to perform a Denial of Service, leading to a BSOD of the affected computer caused by a NULL pointer dereference.
The resulting debugging session when triggering those IOCTLs resemble the following:
Our security policy
We have reserved the ID CVE-2024-1096 to refer to this issue from now on.
System Information
Version: Twister Antivirus v8.17
Operating System: Windows
Mitigation
There is currently no patch available for this vulnerability.
References
Vendor page http://www.filseclab.com/en-us/index.htm
Product page http://www.filseclab.com/en-us/products/twister.htm
Timeline
IA generativa
2 feb 2024
Vendor contacted
2 feb 2024
Public disclosure
6 feb 2024
