An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability.
Access Vector: Local
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Partially affects on system integrity + No impact on system confidentiality + Partially affects on system availability
Vulnerable software and versions
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools