CVE-2024-1195: iTop VPN IOCTL ITopVpnCallbackProcess.sys denial of service
First published: Fri Feb 02 2024(Updated: )
A vulnerability classified as critical was found in iTop VPN up to 4.0.0.1. Affected by this vulnerability is an unknown functionality in the library ITopVpnCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The identifier VDB-252685 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IObit iTop VPN | <=4.0.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-1195?
CVE-2024-1195 is classified as a critical vulnerability.
What does CVE-2024-1195 affect?
CVE-2024-1195 affects iTop VPN versions up to 4.0.0.1, specifically the IOCTL Handler component.
What type of vulnerability is CVE-2024-1195?
CVE-2024-1195 is a denial of service vulnerability.
How do I fix CVE-2024-1195?
To fix CVE-2024-1195, update iTop VPN to a version later than 4.0.0.1.
What is the nature of the issue in CVE-2024-1195?
CVE-2024-1195 involves an unknown functionality in the ITopVpnCallbackProcess.sys library.
- agent/references
- agent/title
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- agent/softwarecombine
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/iobit
- canonical/iobit itop vpn
- version/iobit itop vpn/4.0.0.1