CVE-2025-52347

high

Description

An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 Build 1004 allows attackers to access kernel memory and escalate privileges via a crafted IOCTL 0x8011E044 call.

References

https://www.passmark.com/products/performancetest/history.php

https://www.passmark.com/products/burnintest/history.php

https://www.osforensics.com/whats-new.html

https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2025-52347

Details

Source: Mitre, NVD

Published: 2026-05-01

Updated: 2026-05-01

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High