Medium severity6.1NVD Advisory· Published Mar 25, 2024· Updated Apr 15, 2026

CVE-2024-29216

Description

Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By sending a specific IOCTL request, a user without the administrator privilege may perform I/O to arbitrary hardware port or physical address, resulting in erasing or altering the firmware.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/vu/JVNVU90671953/nvd
sangomakb.atlassian.net/wiki/spaces/DVC/pages/45351279/Natural+Access+Software+Downloadnvd

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000