FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CVE-2024-0788

Improper Input Validation (CWE-20)

Published: Jan 29, 2024 / Updated: 9mo ago

010
CVSS 5.5EPSS 0.04%Medium
CVE info copied to clipboard

SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-0788

Jan 29, 2024 at 9:15 AM
First Article

Feedly found the first article mentioning CVE-2024-0788. See article

Jan 29, 2024 at 5:21 PM / National Vulnerability Database
EPSS

EPSS Score was set to: 0.04% (Percentile: 6.8%)

Jan 31, 2024 at 3:13 PM
CVSS

A CVSS base score of 5.5 has been assigned.

Sep 5, 2024 at 11:20 PM / nvd
Static CVE Timeline Graph

Affected Systems

Realdefen/superantispyware
+null more

Links to Mitre Att&cks

T1562.003: Impair Command History Logging
+null more

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables
+null more

News

cveNotify : 🚨 CVE-2024-0788SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver.🎖@cveNotify
CTI Feeds - Cybercrime on Telegram / 2mo
cveNotify : 🚨 CVE-2024-0788SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver.🎖@cveNotify
Update Mon Apr 29 18:06:03 UTC 2024
Recent Commits to cve:main / 6mo
Update Mon Apr 29 18:06:03 UTC 2024
RedPacket Security / 9mo
SUPERAntiSpyware Pro denial of service CVE-2024-0788 - https://www. redpacketsecurity.com/superant ispyware-pro-denial-of-service-cve-2024-0788/ # CVE # Vulnerability # OSINT # ThreatIntel # Cyber
CVE-2024-0788 | SUPERAntiSpyware Pro X 10.0.1260 API Parameter saskutil64.sys input validation
VulDB Recent Entries / 9mo
A vulnerability was found in SUPERAntiSpyware Pro X 10.0.1260 . It has been classified as problematic . Affected is an unknown function in the library saskutil64.sys of the component API Parameter Handler . The manipulation leads to improper input validation. This vulnerability is traded as CVE-2024-0788 . The attack needs to be approached locally. There is no exploit available.
Medium - CVE-2024-0788 - SUPERAntiSpyware Pro X v10.0.1260 is vulnerable...
Security-Database Alerts Monitor : Last 100 Alerts / 9mo
SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver.
See 4 more articles and social media posts

CVSS V3.1

Attack Vector:Local
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:None
Integrity:None
Availability Impact:High

Categories

CVSS 5.5(34617)CWE-20(11385)CWE-96(14)Realdefen()

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial