CVE-2023-1677

5.5 MEDIUM

📋 TL;DR

A local denial-of-service vulnerability exists in DriverGenius 9.70.0.346's kernel driver mydrivers64.sys. Attackers can trigger a system crash by sending specially crafted IOCTL requests to vulnerable driver functions. Only users running the affected version of DriverGenius on Windows systems are impacted.

💻 Affected Systems

Products:
  • DriverGenius
Versions: 9.70.0.346
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the kernel driver mydrivers64.sys when DriverGenius is installed and running.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system crash/BSOD requiring reboot, potentially causing data loss or service disruption.

🟠 Likely Case

Local denial-of-service causing system instability or crash, requiring reboot to restore functionality.

🟢 If Mitigated

Minimal impact if the driver is not loaded or the vulnerable functions are not accessible.

🌐 Internet-Facing: LOW - Requires local access to the system.
🏢 Internal Only: MEDIUM - Local attackers or malware could crash systems, but requires driver to be loaded.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit code is publicly available on GitHub, requiring local execution privileges to trigger the vulnerable IOCTL handlers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: Yes

Instructions:

1. Check for DriverGenius updates from official sources.
2. If no patch is available, consider uninstalling DriverGenius 9.70.0.346.
3. Restart the system after uninstallation.

🔧 Temporary Workarounds

Uninstall DriverGenius (Windows)

Remove the vulnerable software to eliminate the attack surface.

Control Panel > Programs > Uninstall a program > Select DriverGenius > Uninstall

Disable DriverGenius Service (Windows)

Prevent the vulnerable driver from loading at system startup.

sc stop DriverGeniusService
sc config DriverGeniusService start= disabled

🧯 If You Can't Patch

  • Restrict local user privileges to prevent execution of exploit code.
  • Implement application whitelisting to block unauthorized executables.

🔍 How to Verify

Check if Vulnerable:

Check if DriverGenius 9.70.0.346 is installed via Programs and Features or run: wmic product get name,version | findstr DriverGenius

Check Version:

wmic product where "name like '%DriverGenius%'" get version

Verify Fix Applied:

Verify that DriverGenius is uninstalled or updated to a newer version, and that the mydrivers64.sys driver is not loaded in the kernel.
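The two checks above combined into one script, as an added example that is not part of the advisory: it reads the installed version from the standard Uninstall registry keys (which, unlike `wmic product`, also covers non-MSI installers) and asks Win32_SystemDriver whether mydrivers64.sys is registered as a kernel driver. The affected version and driver file name come from the advisory; the assumption that the product registers under Uninstall with a DisplayName containing "DriverGenius" is mine.

```powershell
# Added verification script for CVE-2023-1677 (not from the advisory or the vendor).
# Assumes DriverGenius registers under the standard Uninstall keys with a
# DisplayName containing "DriverGenius"; adjust the filter if your install differs.
$AffectedVersion = [version]'9.70.0.346'
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# 1. Installed product and version from the registry.
$installed = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like '*DriverGenius*' } |
    Select-Object DisplayName, DisplayVersion

if (-not $installed) {
    Write-Output 'DriverGenius not found in the Uninstall registry keys.'
}
foreach ($p in $installed) {
    $v = $null
    if ([version]::TryParse($p.DisplayVersion, [ref]$v) -and $v -eq $AffectedVersion) {
        Write-Warning "$($p.DisplayName) $($p.DisplayVersion) is installed: affected by CVE-2023-1677."
    } else {
        Write-Output "$($p.DisplayName) $($p.DisplayVersion) is installed: not the version listed as affected."
    }
}

# 2. Is the kernel driver registered/loaded? Win32_SystemDriver lists kernel-mode
#    services; match on the image path because the advisory does not give the service name.
$drivers = Get-CimInstance Win32_SystemDriver |
    Where-Object { $_.PathName -like '*mydrivers64.sys*' }

if (-not $drivers) {
    Write-Output 'mydrivers64.sys is not registered as a kernel driver.'
}
foreach ($d in $drivers) {
    # State=Running means the vulnerable IOCTL handlers are reachable right now.
    Write-Warning "mydrivers64.sys registered as service '$($d.Name)' (State=$($d.State), StartMode=$($d.StartMode))."
}
```

Run from an elevated PowerShell prompt so the WOW6432Node key and driver list are fully readable; a clean result is "not found" for the product and "not registered" for the driver.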

📡 Detection & Monitoring

Log Indicators:

  • System event logs showing unexpected system crashes/BSODs
  • Security logs showing process creation of exploit tools

Network Indicators:

  • Local IOCTL calls to vulnerable driver functions (not typically network visible)

SIEM Query:

EventID=41 OR (ProcessName contains 'exploit' AND ParentProcess contains 'DriverGenius')
