01642 06 11 11 Arrange Call

SoftPerfect RAM Disk 4.1 spvve.sys Driver Information Disclosure Vulnerability

CVE-2020-13523 · LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVE-2020-13523

An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability.

Learn more about our Web Application Penetration Testing UK.