Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-23440

Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability. The 0x22200B IOCTL code of the Vba32m64.sys driver allows to read up to 0x802 of memory from ar arbitrary user-supplied pointer.

Published

2024-02-13T15:15:09.070

Last Modified

2025-05-19T19:15:47.370

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.1 (HIGH)

Weaknesses

Type: Secondary
CWE-125

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	anti-virus	vba32	3.36.0	Yes

References

https://fluidattacks.com/advisories/adderley/ Third Party Advisory ([email protected])
https://www.anti-virus.by/vba32 Product ([email protected])
https://fluidattacks.com/advisories/adderley/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.anti-virus.by/vba32 Product (af854a3a-2127-422b-91ae-364da2661108)