Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00043
Percentile: 0.12339

CVSS Scoring

Mapped CWE(s)

• CWE-129 : Improper Validation of Array Index

All CAPEC(s)

CAPEC(s) with Mapped TTPs

Mapped ATT&CK TTPs

Affected Products

• cpe:2.3:a:winpcap:winpcap:*:*:*:*:*:*:*:*

← Back to Home