Home / Early Warning / Vulnerabilidades / CVE-2020-13522

CVE-2020-13522

Type: 
Input Validation
Severity: 
Low
Publication date: 
08/04/2020
Last modified: 
08/06/2020
Description
An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability.
Impact
Access Vector: Local
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Partially affects on system integrity + No impact on system confidentiality + Partially affects on system availability
Vulnerable software and versions
  • cpe:2.3:a:softperfect:ram_disk:4.1:*:*:*:*:windows:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields