CVE-2025-61155
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-28
Last updated on: 2025-12-04
Assigner: MITRE
Description
Description
The GameDriverX64.sys kernel-mode anti-cheat driver (v7.23.4.7 and earlier) contains an access control vulnerability in one of its IOCTL handlers. A user-mode process can open a handle to the driver device and send specially crafted IOCTL requests. These requests are executed in kernel-mode context without proper authentication or access validation, allowing the attacker to terminate arbitrary processes, including critical system and security services, without requiring administrative privileges.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hotta_studio | gamedriverx64 | 7.23.4.7 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Hotta Studio GameDriverX64.sys version 7.23.4.7, a signed kernel-mode anti-cheat driver. It allows local attackers to cause a denial of service by crashing arbitrary processes through sending specially crafted IOCTL requests to the driver.
How can this vulnerability impact me? :
An attacker with local access can exploit this vulnerability to crash arbitrary processes, leading to denial of service conditions on the affected system. This can disrupt normal operations and potentially affect system stability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70