{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-1186","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2023-03-06T07:09:24.663Z","datePublished":"2023-03-06T07:09:57.318Z","dateUpdated":"2024-11-25T15:22:56.220Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2023-10-21T07:33:13.410Z"},"title":"FabulaTech Webcam for Remote Desktop IOCTL ftwebcam.sys 0x222018 null pointer dereference","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-476","lang":"en","description":"CWE-476 NULL Pointer Dereference"}]}],"affected":[{"vendor":"FabulaTech","product":"Webcam for Remote Desktop","versions":[{"version":"2.8.42","status":"affected"}],"modules":["IOCTL Handler"]}],"descriptions":[{"lang":"en","value":"A vulnerability has been found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This vulnerability affects the function 0x222010/0x222018 in the library ftwebcam.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-222358 is the identifier assigned to this vulnerability."},{"lang":"de","value":"In FabulaTech Webcam for Remote Desktop 2.8.42 wurde eine problematische Schwachstelle gefunden. Dabei geht es um die Funktion 0x222010/0x222018 in der Bibliothek ftwebcam.sys der Komponente IOCTL Handler. Durch Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":3.3,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.3,"vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":1.7,"vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P"}}],"timeline":[{"time":"2023-03-06T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2023-03-06T00:00:00.000Z","lang":"en","value":"CVE reserved"},{"time":"2023-03-06T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2023-03-31T16:24:18.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"Zeze7w (VulDB User)","type":"analyst"}],"references":[{"url":"https://vuldb.com/?id.222358","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.222358","tags":["signature","permissions-required"]},{"url":"https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1186","tags":["exploit"]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T05:40:57.979Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.222358","tags":["vdb-entry","technical-description","x_transferred"]},{"url":"https://vuldb.com/?ctiid.222358","tags":["signature","permissions-required","x_transferred"]},{"url":"https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1186","tags":["exploit","x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-03-01T18:28:20.949633Z","id":"CVE-2023-1186","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-11-25T15:22:56.220Z"}}]}}