BIG-IP Edge Client Windows Stonewall Driver Local Denial of Service Vulnerability

BIG-IP Edge Client Windows Stonewall Driver Local Denial of Service Vulnerability

CVE-2020-5898 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \\.\urvpndrv device causing the Windows kernel to crash.

Learn more about our User Device Pen Test.