CWE-20: Improper Input Validation vulnerability exists...
High severity
Unreviewed
Published
Jul 11, 2024
to the GitHub Advisory Database
•
Updated Jul 11, 2024
Description
Published by the National Vulnerability Database
Jul 11, 2024
Published to the GitHub Advisory Database
Jul 11, 2024
Last updated
Jul 11, 2024
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service,
privilege escalation, and potentially kernel execution when a malicious actor with local user
access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
References