Stack-based buffer overflow in Wincor Nixdorf PORT IO Driver versions up to 1.0.0.1 allows local authenticated attackers with low privileges to achieve arbitrary code execution with kernel-level permissions. The vulnerability exists in the sub_11100 function of the wnport.sys kernel driver's IOCTL handler. Public exploit code is available (CVSS E:P). Vendor has released version 3.0.0.1 to address this issue. EPSS data not available, not listed in CISA KEV, suggesting targeted rather than widespread exploitation despite public POC.
Buffer Overflow
NVD
VulDB
CVSS 4.0
7.1
EPSS
0.0%