CVE-2023-1487

Public Exploit

Lespeed WiseCleaner Wise System Monitor IoControlCode WiseHDInfo64.dll 0x9C40A0E0 denial of service

Description

A vulnerability, which was classified as problematic, has been found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54. This issue affects the function 0x9C40208C/0x9C402000/0x9C402084/0x9C402088/0x9C402004/0x9C4060C4/0x9C4060CC/0x9C4060D0/0x9C4060D4/0x9C40A0DC/0x9C40A0D8/0x9C40A0DC/0x9C40A0E0 in the library WiseHDInfo64.dll of the component IoControlCode Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-223373 was assigned to this vulnerability.

References

Link	Tags
https://vuldb.com/?id.223373	third party advisory vdb entry permissions required technical description
https://vuldb.com/?ctiid.223373	signature third party advisory permissions required
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1487	related third party advisory exploit
https://drive.google.com/file/d/1zk_ErtD34TBnQu8VGTUZKQpGGVDaUR1y/view	exploit

Frequently Asked Questions

What is the severity of CVE-2023-1487?: CVE-2023-1487 has been scored as a medium severity vulnerability.
How to fix CVE-2023-1487?: To fix CVE-2023-1487, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-1487 being actively exploited in the wild?: It is possible that CVE-2023-1487 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-1487?: CVE-2023-1487 affects Lespeed WiseCleaner Wise System Monitor.

Description

Category

CWE-404 – Improper Resource Shutdown or Release

References

Frequently Asked Questions