CVE-2024-39251
CRITICALDescription
An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2024-39251? +
How severe is CVE-2024-39251? +
How do I check if I'm vulnerable to CVE-2024-39251? +
Related Vulnerabilities
An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, …
Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with administrative …
An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and …
ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the …
An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via …
An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an attacker to execute arbitrary code via …