This vulnerability allows local attackers to escalate privileges on vulnerable installations of IKARUS anti.virus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of crafted IOCTL by the ntguard_x64.sys kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel. This module will elevate the privileges of the current agent instead of installing a new one.
CVE Link
Exploit Platform
Exploit Type
Product Name