Description
K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged user to send crafted IOCTL requests that terminate processes protected by a third-party protection mechanism. The vulnerability arises from insufficient caller validation in the driver's IOCTL handler, which lets unauthorized processes have those actions performed in kernel space on their behalf. Successful exploitation can result in denial of service by disrupting critical third-party services or applications.
CVE-2025-52915
List of affected products
K7 Ultimate Security
Fixed Versions
K7 Computing recommends that all customers update their products to the corresponding versions shown below:
K7 Ultimate Security (17.0.2049 or Higher) [K7RKScan.sys v23.0.0.11]
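For fleet checks, the following added example (not K7's code and not part of this advisory) flags a copy of K7RKScan.sys older than the fixed build 23.0.0.11. It reads the version from the PE's VS_FIXEDFILEINFO block (located by its 0xFEEF04BD signature) rather than via Windows APIs, so it also runs on a collected sample on another platform; the default driver path is an assumption, since the advisory does not state where the driver is installed.

```python
"""Added example, not part of the K7 advisory: flag a K7RKScan.sys that predates
the fixed build 23.0.0.11. Reads the PE's VS_FIXEDFILEINFO (0xFEEF04BD signature)
directly, so it needs no Windows-only modules. The install path is assumed."""
import struct
import sys

FIXED_VERSION = (23, 0, 0, 11)   # K7RKScan.sys build shipped with 17.0.2049 (advisory)
VS_FFI_SIGNATURE = 0xFEEF04BD    # dwSignature that opens VS_FIXEDFILEINFO
DEFAULT_PATH = r"C:\Windows\System32\drivers\K7RKScan.sys"   # assumed location

# Constructed stand-in for a PE: 'MZ', then a VS_FIXEDFILEINFO head reporting 23.0.0.10.
SAMPLE_BLOB = bytes.fromhex("4d5a" + "bd04effe" + "00000100" + "00001700" + "0a000000")


def parse_version(text):
    """'23.0.0.10' -> (23, 0, 0, 10); numeric, so '23.0.0.9' sorts below '23.0.0.11'."""
    parts = tuple(int(p) for p in text.split("."))
    return parts + (0,) * (4 - len(parts))


def file_version_from_pe(data):
    """Return (major, minor, build, rev) from the first VS_FIXEDFILEINFO in data.
    Layout: dwSignature, dwStrucVersion, dwFileVersionMS, dwFileVersionLS; the
    MS/LS DWORDs each pack two 16-bit version fields, high word first."""
    off = data.find(struct.pack("<I", VS_FFI_SIGNATURE))
    if off < 0 or off + 16 > len(data):
        raise ValueError("no VS_FIXEDFILEINFO block found")
    _, _, ms, ls = struct.unpack_from("<4I", data, off)
    return (ms >> 16, ms & 0xFFFF, ls >> 16, ls & 0xFFFF)


def is_vulnerable(version):
    """True when the driver is older than the fixed build named in the advisory."""
    return tuple(version) < FIXED_VERSION


def check_driver(path=DEFAULT_PATH):
    """Read the driver on disk and return (version_tuple, vulnerable?)."""
    with open(path, "rb") as f:
        ver = file_version_from_pe(f.read())
    return ver, is_vulnerable(ver)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        ver, vuln = check_driver(sys.argv[1])
    else:   # no path given: run against the constructed sample
        ver = file_version_from_pe(SAMPLE_BLOB)
        vuln = is_vulnerable(ver)
    state = "VULNERABLE, update to 23.0.0.11 or later" if vuln else "fixed build"
    print("K7RKScan.sys %s: %s" % (".".join(map(str, ver)), state))
```

Run with the driver path as the first argument to inspect a real file; with no argument it evaluates the embedded constructed sample.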
Acknowledgments
We would like to express our gratitude to Tzachi Hazan (aka BlackSnufkin) for reporting this vulnerability to us along with comprehensive details.