$Bypassing Intrusion Prevention in Prevx Home 1.0 by Writing to \device\physicalmemory$

Bypassing Intrusion Prevention in Prevx Home 1.0 by Writing to \device\physicalmemory

CVE-2004-1193 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:C/A:C

Prevx Home 1.0 allows local users with administrator privileges to bypass the intrusion prevention features by directly writing to \device\physicalmemory, which restores the running kernel's original SDT ServiceTable.

Learn more about our Physical Security Assessment.