Virtual CloneDrive allows users to mount ISO files and other disk image formats as virtual drives on their computer.
Its kernel driver, accessible to low-privileged users, exposes a function that fails to properly validate the privileges of the calling process.
This allows creating files at arbitrary locations with full user control, ultimately allowing for privilege escalation to `SYSTEM`.
Author: Kolja
-
Virtual CloneDrive
-
CVE-2025-1865 ‒ Local Privilege Escalation in Virtual CloneDrive Kernel Driver
-
-
Trend Micro Apex One
-
Webroot Endpoint Protection
-
Check Point Harmony
-
Bitdefender Total Security
-
AVG Internet Security