CNNVD-202512-3188 Information

CNNVD ID

CNNVD-202512-3188

Related CVE

CVE-2025-67790

• CNNVD Published: 2025-12-17

Description (Chinese)

DriveLock是德国DriveLock公司的一个端点安全与数据保护平台。 DriveLock 24.1.6之前版本、24.2.7之前版本和25.1.5之前版本存在安全漏洞，该漏洞源于无特权用户可能通过使用IOCTL和未终止的字符串导致Windows计算机出现蓝屏死机。

Description (English)

DriveLock is an end-point security and data protection platform of the German firm DriveLock. There is a security loophole in previous versions of DriveLock 24.1.6, 24.2.7 and 25.1.5, which stems from the possibility that unprivileged users may have led to the emergence of a blue screen death machine in Windows computers by using IOCTL and unterminated strings.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

DriveLock

Published

2025-12-17

Last Modified

2026-02-24

References

https://drivelock.help/versions/2025_1/web/en/releasenotes/Content/ReleaseNotes_DriveLock/SecurityBulletins/25-005-BufferOverreadBSOD.htm https://access.redhat.com/security/cve/cve-2025-67790

Patch

https://drivelock.help/versions/2025_2/web/en/releasenotes/Content/ReleaseNotes_DriveLock/NewRelease/DL_RelNotes.htm