CWE-782
AllowedExposed IOCTL with Insufficient Access Control
Abstraction: Variant · Status: Draft
The product implements an IOCTL with functionality that should be restricted, but it does not properly enforce access control for the IOCTL.
50 vulnerabilities reference this CWE, most recent first.
GHSA-9CV5-2H9V-98P5
Vulnerability from github – Published: 2026-07-07 18:30 – Updated: 2026-07-07 18:30MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator privileges. Attackers can exploit the accessible device object through IOCTL handlers to manipulate kernel objects, tamper with kernel-mode callbacks, bypass Protected Process Light protections, and disable security software.
{
"affected": [],
"aliases": [
"CVE-2026-57851"
],
"database_specific": {
"cwe_ids": [
"CWE-782"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-07T17:16:36Z",
"severity": "HIGH"
},
"details": "MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator privileges. Attackers can exploit the accessible device object through IOCTL handlers to manipulate kernel objects, tamper with kernel-mode callbacks, bypass Protected Process Light protections, and disable security software.",
"id": "GHSA-9cv5-2h9v-98p5",
"modified": "2026-07-07T18:30:44Z",
"published": "2026-07-07T18:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-57851"
},
{
"type": "WEB",
"url": "https://github.com/readmsr/MSI_FeatureManager_CVE"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/msi-gamegaraj-kerncorelib64-sys-privilege-escalation-via-ioctl-handlers"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9FQ9-VH4P-342C
Vulnerability from github – Published: 2026-04-08 09:31 – Updated: 2026-04-08 09:31An exposed IOCTL with an insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers. The affected utility, MxGeneralIo, exposes IOCTL methods that permit direct read and write access to MSR and system memory. A local attacker with high privileges could abuse these interfaces to perform unauthorized operations. Successful exploitation may result in privilege escalation on Windows 7 systems or cause a system crash (BSoD) on Windows 10 and 11 systems, leading to a denial-of-service condition. The vulnerability could slightly affect the confidentiality and integrity of the device, but availability might be heavily impacted. No impact to the subsequent system has been identified.
{
"affected": [],
"aliases": [
"CVE-2026-4483"
],
"database_specific": {
"cwe_ids": [
"CWE-782"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-08T08:16:24Z",
"severity": "HIGH"
},
"details": "An exposed IOCTL with an\u00a0 insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa\u2019s industrial x86 computers.\u00a0The affected utility, MxGeneralIo, exposes IOCTL methods that permit direct read and write access to MSR and system memory.\u00a0A local attacker with high privileges could abuse these interfaces to perform unauthorized operations.\u00a0Successful exploitation may result in privilege escalation on Windows 7 systems or cause a system crash (BSoD) on Windows 10 and 11 systems, leading to a denial-of-service condition.\u00a0The vulnerability could slightly affect the confidentiality and integrity of the device, but availability might be heavily impacted.\u00a0No impact to the subsequent system has been identified.",
"id": "GHSA-9fq9-vh4p-342c",
"modified": "2026-04-08T09:31:31Z",
"published": "2026-04-08T09:31:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4483"
},
{
"type": "WEB",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-254811-cve-2026-4483-exposed-ioctl-with-insufficient-access-control-vulnerability-in-the-utility-for-x86-computers"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-C8H5-GMVF-FXHW
Vulnerability from github – Published: 2024-05-22 15:31 – Updated: 2024-08-01 15:31An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
{
"affected": [],
"aliases": [
"CVE-2024-33218"
],
"database_specific": {
"cwe_ids": [
"CWE-782"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-22T15:15:28Z",
"severity": "HIGH"
},
"details": "An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.",
"id": "GHSA-c8h5-gmvf-fxhw",
"modified": "2024-08-01T15:31:45Z",
"published": "2024-05-22T15:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33218"
},
{
"type": "WEB",
"url": "https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33218"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CX9M-X7W8-76M2
Vulnerability from github – Published: 2024-05-22 15:31 – Updated: 2024-08-15 18:31An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
{
"affected": [],
"aliases": [
"CVE-2024-33220"
],
"database_specific": {
"cwe_ids": [
"CWE-782"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-22T15:15:28Z",
"severity": "HIGH"
},
"details": "An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.",
"id": "GHSA-cx9m-x7w8-76m2",
"modified": "2024-08-15T18:31:43Z",
"published": "2024-05-22T15:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33220"
},
{
"type": "WEB",
"url": "https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33220"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CXM7-54MF-PWWG
Vulnerability from github – Published: 2026-06-26 06:30 – Updated: 2026-06-26 06:30An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code could be executed with SYSTEM privileges.
{
"affected": [],
"aliases": [
"CVE-2026-8797"
],
"database_specific": {
"cwe_ids": [
"CWE-782"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-26T05:16:31Z",
"severity": "HIGH"
},
"details": "An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code could be executed with SYSTEM privileges.",
"id": "GHSA-cxm7-54mf-pwwg",
"modified": "2026-06-26T06:30:33Z",
"published": "2026-06-26T06:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8797"
},
{
"type": "WEB",
"url": "https://jpn.nec.com/security-info/secinfo/nv26-004_en.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-F3W2-7G86-VJJ4
Vulnerability from github – Published: 2024-07-01 21:31 – Updated: 2024-07-11 15:30An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests.
{
"affected": [],
"aliases": [
"CVE-2024-39251"
],
"database_specific": {
"cwe_ids": [
"CWE-782"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-01T19:15:05Z",
"severity": "CRITICAL"
},
"details": "An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests.",
"id": "GHSA-f3w2-7g86-vjj4",
"modified": "2024-07-11T15:30:43Z",
"published": "2024-07-01T21:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39251"
},
{
"type": "WEB",
"url": "https://github.com/Souhardya/Exploit-PoCs/tree/main/ThundeRobot_Control_center"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F8P7-VVXP-HCXV
Vulnerability from github – Published: 2025-08-06 12:31 – Updated: 2025-08-06 12:31ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections. ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions.
{
"affected": [],
"aliases": [
"CVE-2025-7771"
],
"database_specific": {
"cwe_ids": [
"CWE-782"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-06T10:15:35Z",
"severity": "HIGH"
},
"details": "ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections.\u00a0ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions.",
"id": "GHSA-f8p7-vvxp-hcxv",
"modified": "2025-08-06T12:31:20Z",
"published": "2025-08-06T12:31:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7771"
},
{
"type": "WEB",
"url": "https://github.com/klsecservices/Advisories/blob/master/K-TechPowerUp-2025-001.md"
},
{
"type": "WEB",
"url": "https://securelist.com/av-killer-exploiting-throttlestop-sys/117026"
},
{
"type": "WEB",
"url": "https://www.techpowerup.com/download/techpowerup-throttlestop"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-FFVH-2C66-6XGP
Vulnerability from github – Published: 2024-06-25 06:30 – Updated: 2024-06-25 06:30An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1.
{
"affected": [],
"aliases": [
"CVE-2024-4196"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-782"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-25T04:15:16Z",
"severity": "CRITICAL"
},
"details": "An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1.",
"id": "GHSA-ffvh-2c66-6xgp",
"modified": "2024-06-25T06:30:39Z",
"published": "2024-06-25T06:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4196"
},
{
"type": "WEB",
"url": "https://download.avaya.com/css/public/documents/101090768"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FPMF-FC9X-9W73
Vulnerability from github – Published: 2024-05-22 15:31 – Updated: 2024-08-01 15:31An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
{
"affected": [],
"aliases": [
"CVE-2024-33221"
],
"database_specific": {
"cwe_ids": [
"CWE-782"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-22T15:15:28Z",
"severity": "HIGH"
},
"details": "An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.",
"id": "GHSA-fpmf-fc9x-9w73",
"modified": "2024-08-01T15:31:45Z",
"published": "2024-05-22T15:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33221"
},
{
"type": "WEB",
"url": "https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33221"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FVF2-H9V7-HP42
Vulnerability from github – Published: 2024-04-27 00:30 – Updated: 2024-08-22 21:31An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests.
{
"affected": [],
"aliases": [
"CVE-2024-30804"
],
"database_specific": {
"cwe_ids": [
"CWE-782"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-26T22:15:08Z",
"severity": "CRITICAL"
},
"details": "An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests.",
"id": "GHSA-fvf2-h9v7-hp42",
"modified": "2024-08-22T21:31:28Z",
"published": "2024-04-27T00:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30804"
},
{
"type": "WEB",
"url": "https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-30804"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
In Windows environments, use proper access control for the associated device or device namespace. See References.
No CAPEC attack patterns related to this CWE.