What is CVE-2024-0788?

CVE-2024-0788 is a medium-severity vulnerability in Superantispyware Pro X, classified under Improper Neutralization of Directives in Statically Saved Code (Static Code Injection). CVSS score: 6.6/10. Published 2024-01-29.

How severe is CVE-2024-0788?

Medium severity. CVSS v3 base score is 6.6 out of 10.

Vulnerability in Superantispyware Pro X

CVE-2024-0788

SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver.

EPSS: 0.000 (13.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.6 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H.

Affected products

Superantispyware Pro X — versions 10.0.1260

Weakness classification (CWE)

CWE-96 — Improper Neutralization of Directives in Statically Saved Code (Static Code Injection)

References

fluidattacks.com/advisories/brubeck/ (third-party-advisory)
www.superantispyware.com/professional-x-edition.html (product)

Frequently asked questions

What is CVE-2024-0788?: CVE-2024-0788 is a medium-severity vulnerability in Superantispyware Pro X, classified under Improper Neutralization of Directives in Statically Saved Code (Static Code Injection). CVSS score: 6.6/10. Published 2024-01-29.
How severe is CVE-2024-0788?: Medium severity. CVSS v3 base score is 6.6 out of 10.