Primary

Context

Prevx Process Termination Vulnerability in Pxscan Driver via IOCTL Code

Vulnerability

A denial-of-service vulnerability has been identified in PrevX version 3.0.5.220. This issue arises when attackers send IOCTL code 0x22E044 to the pxscan.sys driver, causing arbitrary process termination. The vulnerability affects any processes listed under the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pxscan\Files.

Impact

Exploitation of this vulnerability leads to arbitrary process termination, causing a denial-of-service condition.

Reproduction

To reproduce this vulnerability, send IOCTL code 0x22E044 to the pxscan.sys driver. This can be done using a device driver exploitation framework or a custom script that targets the driver with the specific IOCTL code. Ensure that the target process is listed under the specified registry key to observe the termination effect.

Added: Oct 28, 2025, 4:18 PM

Updated: Oct 28, 2025, 4:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.6

remediation

0.0

relevance

0.9

threat

1.6

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.6

remediation

0.0

relevance

0.9

threat

1.6

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Prevx Process Termination Vulnerability in Pxscan Driver via IOCTL Code

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating