Denial of Service Vulnerability in GEAR Software Products (GEARAspiWDM.sys)

Denial of Service Vulnerability in GEAR Software Products (GEARAspiWDM.sys)

CVE-2018-15499 · MEDIUM Severity

AV:L/AC:M/AU:N/C:N/I:N/A:C

GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine.

Learn more about our User Device Pen Test.