CVE-2018-10977

Vulnerability

The 2345 Security Guard version 3.7 driver 2345BdPcSafe.sys (x64) contains an input validation flaw in its handling of IOCTL 0x002220E4. The driver does not validate input values passed via this IOCTL, allowing a local user to trigger a Blue Screen of Death (BSOD) or cause other unspecified impacts. The vulnerability is described in a proof-of-concept (PoC) repository [1].

Exploitation

An attacker must have local access to the system and the ability to send IOCTL requests to the driver. The PoC demonstrates sending a crafted IOCTL 0x002220E4 with invalid input data, which causes the driver to fail and resulting in a BSOD. No additional privileges beyond local user access are required [1].

Impact

Successful exploitation results in a denial of service (BSOD) on the target system. The description also notes the possibility of unspecified other impacts, though the primary consequence documented is system crash [1]. The attacker does not gain elevated privileges or code execution based on the available information.

Mitigation

No official fix or patch has been disclosed in the available references. Users of 2345 Security Guard 3.7 should consider disabling or uninstalling the software until a patched version is released. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.