CVE-2025-52347

Sažetak

An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 Build 1004 allows attackers to access kernel memory and escalate privileges via a crafted IOCTL 0x8011E044 call.

Reference

https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2025-52347
https://www.osforensics.com/whats-new.html
https://www.passmark.com/products/burnintest/history.php
https://www.passmark.com/products/performancetest/history.php

CVSS

Base:	7.8
Impact:	5.9
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

01-05-2026 - 19:16

Objavljeno

01-05-2026 - 19:16