CVE-2023-44976
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-01

Last updated on: 2025-08-04

Assigner: MITRE

Description
Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code 0x22E010, as exploited in the wild in October 2023.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-01
Last Modified
2025-08-04
Generated
2026-05-07
AI Q&A
2025-08-01
EPSS Evaluated
2026-05-05
NVD
CVE-2023-44976
EUVD
EUVD-2023-49299
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
panda antivirus *
avg antivirus *
shunwang rentdrv2 *
microsoft windows_defender *
avast antivirus *
360 antivirus *
kaspersky antivirus *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-782 The product implements an IOCTL with functionality that should be restricted, but it does not properly enforce access control for the IOCTL.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate Endpoint Detection and Response (EDR) processes by using the DeviceIoControl function with a specific control code (0x22E010). This can lead to disruption of security monitoring and possibly other unspecified impacts. It was actively exploited in the wild in October 2023.


How can this vulnerability impact me? :

The vulnerability can allow a local user with high privileges to terminate security-related EDR processes, potentially disabling security monitoring and protection on the affected system. This could increase the risk of further attacks or unauthorized activities going undetected.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart