CRITICAL🇵🇱 Wersja polska

CVE-2024-39251

CVSS 10.0v3.1pub. 2024-07-01upd. 2026-04-15

An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests.

🤖 AI Analysis
How it works

The vulnerability results from improper access control to the IOCTL interface (CWE-782 – Exposed IOCTL with Insufficient Access Control) in the kernel-mode driver ControlCenter.sys / ControlCenter64.sys. An attacker can send specially crafted IOCTL requests directly to the driver without the required permissions. This leads to reading sensitive information from kernel space, executing arbitrary code, or escalating privileges to SYSTEM level. Publicly available proof-of-concept (PoC) on GitHub confirms the exploitability of the vulnerability.

Impact

An attacker can gain full control over the victim's operating system, including executing arbitrary code in kernel context, escalating privileges to SYSTEM level, and accessing sensitive data stored in memory.

Mitigation & patch

Apply patches available from the vendor in accordance with the references. Until the update is applied, it is recommended to restrict local access to devices with ThundeRobot Control Center installed and monitor attempts to send non-standard IOCTL requests to the driver.

Who is affected

ThundeRobot Control Center version 2.0.0.10 (ControlCenter.sys and ControlCenter64.sys components)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCELPE
CWE
References