CVE-2023-52271

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 8, 2024
Updated: Jan 11, 2024

Summary

CVE-2023-52271 is a newly discovered vulnerability affecting the wsftprm.sys kernel driver 2.0.0.0 in Topaz Antifraud software. This issue permits low-privileged attackers to terminate any Processes with Protected Process Light (PPLight) attribute through an unnamed IOCTL. Successful exploitation of this vulnerability could lead to significant system disruptions and potential data loss. The exact IOCTL name has yet to be identified, but it is crucial for Topaz Antifraud users to apply a patch or update as soon as one becomes available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share