CVE-2015-2291CISA KEV: Actively Exploited

Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability

Published Feb 10, 2023·Updated Feb 10, 2023

Description

Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service (DoS).

Public Exploits & PoCs5 found

PoC: Intel-CVE-2015-2291

PoC exploit for CVE-2015-2291

2

PoC: iqvw64e-privilege-escalation

CVE-2015-2291 Local Privilege Escalation PoC

1

PoC: CVE-2015-2291-Spoofer-Analysis

Overview of a application that I reversed using the CVE-2015-2291 exploit from the Intel Ethernet Diagnostics Driver (iQVW32.sys) for memory manipulation used in hwid spoofing.

1

PoC: CVE-2015-2291

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

PoC: CVE-2015-2291

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free