Disk Master
Monthly
Improper access control in the diskbckp.sys kernel driver of QILING Disk Master 6.0.0.0 allows local low-privileged users to bypass authorization checks and interact with privileged kernel driver functionality. Tagged as an authentication bypass, the flaw resides in an unknown function within the kernel driver component, enabling manipulation of access control logic without elevated credentials. A public proof-of-concept exploit has been disclosed (no CISA KEV listing); the vendor has released a patch via beta download.
Improper access control in the diskbckp.sys kernel driver of QILING Disk Master 6.0.0.0 allows local low-privileged users to bypass authorization checks and interact with privileged kernel driver functionality. Tagged as an authentication bypass, the flaw resides in an unknown function within the kernel driver component, enabling manipulation of access control logic without elevated credentials. A public proof-of-concept exploit has been disclosed (no CISA KEV listing); the vendor has released a patch via beta download.