mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-29 20:39:28 +02:00
0xMarcio
1.5 KiB
1.5 KiB
CVE-2025-7771
Description
ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections. ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions.
POC
Reference
No PoCs from references.
Github
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/Demoo1337/ThrottleStop
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/U65535F/ThrottleStopPoC
- https://github.com/Yuri08loveElaina/CVE-2025-7771
- https://github.com/fxrstor/ThrottleStopPoC
- https://github.com/nomi-sec/PoC-in-GitHub