Vulnerability in Filseclab Twister_antivirus

CVE-2023-1007

A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper…

EPSS: 0.005 (39.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

  • cna@vuldb.com (Permissions Required, technical-description, Third Party Advisory, vdb-entry)
  • cna@vuldb.com (signature, Permissions Required, permissions-required, Third Party Advisory)
  • cna@vuldb.com (related, Exploit, Patch, Third Party Advisory)
  • cna@vuldb.com (exploit, Broken Link)

Frequently asked questions

What is CVE-2023-1007?
CVE-2023-1007 is a medium-severity vulnerability in Filseclab Twister_antivirus, classified under Improper Access Control. CVSS score: 5.3/10. Published 2023-02-24.
How severe is CVE-2023-1007?
Medium severity. CVSS v3 base score is 5.3 out of 10.
Is CVE-2023-1007 known to be exploited?
2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.