216.73.217.22

CVE-2025-7771

· Published 20/12/2025 19:57 · Modified 21/12/2025 15:21 · Author: AlienVault

Labels: CVE-2025-7771 2025-08-06CVE-2025-7771CWE-782[email protected]

Essential information

Published
20/12/2025 19:57
Modified
21/12/2025 15:21
Author
AlienVault
Creator
AlienVault
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections. ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
kaspersky / throttlestop cpe:2.3:a:kaspersky:throttlestop:3.0.0.0:*:*:*:*:*:*:*
kaspersky / throttlestop cpe:2.3:a:kaspersky:throttlestop:*:*:*:*:*:*:*:*

References

Related entities

Attack reports, intrusion sets, malwares, attack patterns and indicators linked to this vulnerability.

Attack reports (1)