CVE Details
Basic Information
| Title |
TechPowerUp GPU-Z 0x8000645C IOCTL GPU-Z.sys sub_140001880 memory leak |
| Type |
cve |
| Published |
2025-05-29T18:31:04.815Z |
| Last Seen |
|
Product Information
| Vendor |
TechPowerUp |
| Product |
GPU-Z |
| Version |
2.23.0 |
CVSS Information
| Base Score |
4.8 (MEDIUM) |
| Attack Vector |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A memory leak vulnerability was discovered in TechPowerUp GPU-Z version 2.23.0. This issue allows local attackers to exploit the sub_140001880 function in GPU-Z.sys, potentially leading to information disclosure. The exploit is publicly available, and the vendor has not responded to the disclosure. |
| AI Severity |
Medium |
| Vendor |
TechPowerUp |
| Product |
GPU-Z |
| Affected Version |
2.23.0 |
Additional Information
| CVE List |
|
| CWE List |
CWE-401, CWE-404 |
| Bulletin Family |
|
| Source Data |
TechPowerUp GPU-Z 2.23.0 |
Source Information
| Source Data |
TechPowerUp GPU-Z 2.23.0 |
| Source Link |
|
Description
A vulnerability, which was classified as problematic, was found in TechPowerUp GPU-Z 2.23.0. Affected is the function sub_140001880 in the library GPU-Z.sys of the component 0x8000645C IOCTL Handler. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score Summary
View Full CVE Details
