CVE-2025-29547

In Rollback Rx Professional 12.8.0.0, the driver file shieldm.sys allows local users to cause a denial of service because of a null pointer dereference from IOCtl 0x96202000.

CVSS v3 7.0 HIGH

7.0^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://horizondatasys.com/rollback-rx-time-machine/rollback-rx-professional/
https://packetstorm.news/files/id/190491/

Configurations

No configuration.

History

23 Apr 2025, 14:08

Type	Values Removed	Values Added
Summary		(es) En Rollback Rx Professional 12.8.0.0, el archivo del controlador shieldm.sys permite a los usuarios locales provocar una denegación de servicio debido a una desreferencia de puntero nulo de IOCtl 0x96202000.

22 Apr 2025, 20:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.0
CWE		CWE-476

22 Apr 2025, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-22 15:16

Updated : 2025-04-23 14:08

NVD link : CVE-2025-29547

Mitre link : CVE-2025-29547

CVE.ORG link : CVE-2025-29547

JSON object : View

Products Affected

No product.

CWE

CWE-476

NULL Pointer Dereference

7.0 /10