Unvalidated Input in Zillya! Antivirus Driver (zef.sys) Allows Denial of Service

Unvalidated Input in Zillya! Antivirus Driver (zef.sys) Allows Denial of Service

CVE-2018-5957 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40242C.

Learn more about our User Device Pen Test.