CVE-2024-45181
Description
An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An improper bounds check in WibuKey64.sys before v6.70 allows crafted packets to cause an arbitrary address write, leading to kernel memory corruption.
Vulnerability
An issue exists in the WibuKey64.sys driver, part of WIBU-SYSTEMS WibuKey versions prior to 6.70. An improper bounds check in the driver's handling of specially crafted packets allows an attacker to trigger an arbitrary address write. The vulnerability is resolved in version 6.70 [1].
Exploitation
An attacker must be able to send crafted packets to the vulnerable driver. No authentication is mentioned as required, suggesting a locally accessible or network-exposed interface may suffice. The precise sequence is not disclosed beyond that a specially constructed packet exploits the bounds check weakness to achieve an arbitrary write.
Impact
Successful exploitation results in an arbitrary address write, which leads to kernel memory corruption. An attacker can potentially escalate privileges or cause denial of service, depending on which kernel memory region is corrupted [1].
Mitigation
WIBU-SYSTEMS has fixed this vulnerability in WibuKey version 6.70 [1]. Users are advised to update to this version immediately. No workaround is documented in the available references.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.