VYPR
High severity7.8NVD Advisory· Published Oct 16, 2017· Updated Jun 17, 2026

CVE-2017-15303

CVE-2017-15303

Description

In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine (while CPU-Z is running) can issue an ioctl 0x9C402430 call to the kernel-mode driver (e.g., cpuz141_x64.sys for version 1.41).

Affected products

2
  • Cpuid/CPU Z2 versions
    cpe:2.3:a:cpuid:cpu-z:*:*:*:*:*:windows:*:*+ 1 more
    • cpe:2.3:a:cpuid:cpu-z:*:*:*:*:*:windows:*:*range: <=1.42
    • (no CPE)range: <1.43

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.