CVE-2025-70795 - Vulnerability Analysis
Medium | CVSS: 5.5 | Last Updated: April 17, 2026
STProcessMonitor - Denial of Service
Published: April 17, 2026 | Updated: April 17, 2026 | KEV | PoC Available
Overview
STProcessMonitor 11.11.4.0 contains a denial of service vulnerability caused by insufficient caller validation in the driver's IOCTL handler, which lets unauthorized processes terminate protected processes in kernel space. Exploitation requires an unauthorized process to load the driver and send crafted IOCTL requests.
Severity & Score
Severity: Medium
CVSS Score: 5.5
Impact
Unauthorized processes can terminate protected processes, causing denial of service by disrupting critical services or applications.
Mitigation
Update to the latest version with proper caller validation in the IOCTL handler.
References
- https://www.virustotal.com/gui/file/fc3588482f596a067b65d5d64d21fe62463b38a138fc87d8d2350efa86d34284
- https://bbs.kafan.cn/thread-2288675-1-1.html
- https://bbs.kafan.cn/thread-2287429-1-1.html
- https://bbs.kafan.cn/thread-2287429-2-1.html
- https://www.virustotal.com/gui/file/9ace6a1e4bee5834be38b4c2fd26780d1fcc18ea9d58224e31d6382c19e53296
- https://xcancel.com/anylink20240604/status/2022651540125958408#m
- https://github.com/magicsword-io/LOLDrivers/commit/eea8326bf891d810902203e9ac5cfdeaf5a17a1c
- https://github.com/magicsword-io/LOLDrivers/issues/268
- https://www.virustotal.com/gui/file/70bcec00c215fe52779700f74e9bd669ff836f594df92381cbfb7ee0568e7a8b
Details
- CVE ID: CVE-2025-70795
- Severity: Medium
- CVSS Score: 5.5
- Type: broken_access_control
- Status: unconfirmed
CWE
- CWE-269
CVSS Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H