High severity8.2OSV Advisory· Published Dec 16, 2024· Updated Apr 15, 2026

CVE-2024-12668

Description

Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Write vulnerability. By using an IO Control, a user space program can trick the driver into writing a 0 into any chosen memory location. In conjunction with information leakage from the WinPmem driver, attackers can discover the location in memory for the g_CiOptions global symbol. This can be leveraged to disable signed driver enforcement on the target system - allowing attackers to load unsigned drivers.

Affected products

Velocidex/WinpmemOSV2 versions
v4.0.rc1+ 1 more
- (no CPE)range: v4.0.rc1
- (no CPE)range: <4.1

Patches

57f829bc00b2

https://github.com/velocidex/winpmemvia osv

commit

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Velocidex/WinPmem/releases/tag/v4.1.dev1nvd

News mentions

No linked articles in our index yet.

cvss	0.533
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000