High severity7.5NVD Advisory· Published Oct 30, 2017· Updated May 13, 2026

CVE-2017-15921

Description

In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated.

Affected products

Watchdogdevelopment/Anti Malware
cpe:2.3:a:watchdogdevelopment:anti-malware:2.74.186.150:*:*:*:*:*:*:*
Watchdogdevelopment/Online Security Pro
cpe:2.3:a:watchdogdevelopment:online_security_pro:2.74.186.150:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/144786/Watchdog-Development-Anti-Malware-Online-Security-Pro-NULL-Pointer-Dereference.htmlnvdExploitIssue TrackingThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/43058/nvdExploitIssue TrackingThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.008
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000