The Ancillary Function Driver (AFD.sys) present in Microsoft Windows is vulnerable to an arbitrary pointer overwrite. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by sending a specially crafted IOCTL (0x12007) to the vulnerable driver.
CVE Link
Exploit Platform
Exploit Type
Product Name