Dynamic Disk Manager
Monthly
Local privilege escalation in AOMEI Dynamic Disk Manager up to version 10.10.1 stems from improper access controls in the ddmdrv.sys kernel driver, allowing a low-privileged local user to interact with privileged driver IOCTLs and gain SYSTEM-level control. Publicly available exploit code exists, and the vendor did not respond to coordinated disclosure, leaving installations unpatched. No CISA KEV listing or active exploitation has been confirmed at time of analysis.
Local privilege escalation in AOMEI Dynamic Disk Manager up to version 10.10.1 stems from improper access controls in the ddmdrv.sys kernel driver, allowing a low-privileged local user to interact with privileged driver IOCTLs and gain SYSTEM-level control. Publicly available exploit code exists, and the vendor did not respond to coordinated disclosure, leaving installations unpatched. No CISA KEV listing or active exploitation has been confirmed at time of analysis.