What is the CVSS score of CVE-2025-70616?

CVE-2025-70616 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Wnbios64.Sys are affected by CVE-2025-70616?

A high-severity kernel driver vulnerability (CVE-2025-70616) affecting Wincor Nixdorf wnBios64.sys poses a local privilege escalation risk to systems running this driver.

Is there a public PoC exploit available for CVE-2025-70616?

Yes, a public proof-of-concept exploit is available for CVE-2025-70616. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2025-70616?

Within 24 hours: Identify and inventory all systems running Wincor Nixdorf wnBios64.sys version 1.2.0.0; isolate affected systems from critical networks if operationally feasible. Within 7 days: Implement network segmentation to restrict local access to affected systems; disable the vulnerable driver if operationally possible; apply host-based monitoring for suspicious IOCTL calls to 0x80102058. Within 30 days: Contact Wincor Nixdorf for patch availability and timeline; evaluate replacement or upgrade options; implement kernel driver code-signing enforcement and driver load restrictions on affected systems.

Wnbios64.Sys CVE-2025-70616

HIGH

Stack-based Buffer Overflow (CWE-121)

2026-03-05 cve@mitre.org

Privilege Escalation Buffer Overflow Denial Of Service Linux Wnbios64.Sys

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:06 vuln.today

PoC Detected

Mar 10, 2026 - 19:41 vuln.today

Public exploit code

CVE Published

Mar 05, 2026 - 19:16 nvd

HIGH 7.8

DescriptionNVD

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options parameter before copying data into a 40-byte stack buffer (Src[40]) using memmove. An attacker with local access can exploit this vulnerability by sending a crafted IOCTL request with Options > 40, causing a stack buffer overflow that may lead to kernel code execution, local privilege escalation, or denial of service (system crash). Additionally, the same IOCTL handler can leak kernel addresses and other sensitive stack data when reading beyond the buffer boundaries.

AnalysisAI

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. [CVSS 7.8 HIGH]

Technical ContextAI

Classified as CWE-121 (Stack-based Buffer Overflow). Affects the IOCTL component of Wnbios64.Sys. A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options parameter before copying data into a 40-byte stack buffer (Src[40]) using memmove. An attacker with local access can exploit this vulnerability by sending a crafted IOCTL request with Options > 40, causing a stack buffer overflow that may lead to kernel code e

RemediationAI

Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible.

More from same product – last 7 days

CVE-2026-47334 MEDIUM This Month

5.5 May 28

Kernel availability loss in Ubuntu Linux 6.8, 6.17, and 7.0 can be triggered by any unprivileged local user via a defect

CVE-2026-47335 MEDIUM This Month

5.5 May 28

Kernel panic via NULL pointer dereference in Ubuntu Linux 6.8's AppArmor notification handler allows a locally authentic

CVE-2026-47327 LOW Monitor

3.3 May 28

NULL pointer dereference in Ubuntu Linux kernel versions 6.8, 6.17, and 7.0 allows a local unprivileged user to crash th

CVE-2026-47337 LOW Monitor

3.3 May 28

NULL pointer dereference in Ubuntu Linux kernel SAUCE patches (versions 6.8, 6.17, and 7.0) allows an unprivileged local

CVE-2026-45844 Monitor

May 27

In the Linux kernel, the following vulnerability has been resolved: netfilter: arp_tables: fix IEEE1394 ARP payload par

CVE-2025-70616 vulnerability details – vuln.today

Back

Wnbios64.Sys CVE-2025-70616

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code