How to fix CVE-2025-67246?

Within 7 days: Identify all affected systems running the Ludashi driver and apply vendor patches promptly. Monitor vendor channels for patch availability.

Is Ludashi Driver affected by CVE-2025-67246?

Organizations using the Ludashi driver face moderate risk from CVE-2025-67246, a improper privilege management vulnerability rated CVSS 7.3. Attackers could escalate their privileges to gain elevated access beyond their authorized level.

CVE-2025-67246

HIGH

2026-01-15 [email protected]

7.3

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

Low

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Jan 23, 2026 - 18:03 vuln.today

Public exploit code

CVE Published

Jan 15, 2026 - 16:16 nvd

HIGH 7.3

Description

A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresses. The handler maps arbitrary physical memory via MmMapIoSpace and copies data back to user mode without verifying the caller's privileges or the target address range. This allows unprivileged users to read arbitrary physical memory, potentially exposing kernel data structures, kernel pointers, security tokens, and other sensitive information. This vulnerability can be further exploited to bypass the Kernel Address Space Layout Rules (KASLR) and achieve local privilege escalation.

Analysis

Technical Context

Classified as CWE-269 (Improper Privilege Management). Affects the IOCTL component of Ludashi Driver. A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresses. The handler maps arbitrary physical memory via MmMapIoSpace and copies data back to user mode without verifying the caller's privileges or the target address range. This allows unprivileged users to r

Affected Products

Vendor: Ludashi. Product: Ludashi Driver. Versions: up to 5.1025. Component: IOCTL.

Remediation

Monitor vendor advisories for a patch.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +36

POC: +20

CVE-2025-67246 vulnerability details – vuln.today

Back

CVE-2025-67246

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-67246

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code