CVE-2025-52347

Severity CVSS v4.0:

Pending analysis

Type:

CWE-20 Input Validation

Publication date:

01/05/2026

Last modified:

07/05/2026

Description

An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 Build 1004 allows attackers to access kernel memory and escalate privileges via a crafted IOCTL 0x8011E044 call.

Impact

Vector 3.x

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS v3.1 Severity and Metrics:

Base Score: 7.80 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High

Base Score 3.x

7.80

Severity 3.x

HIGH

References to Advisories, Solutions, and Tools

https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2025-52347
https://www.osforensics.com/whats-new.html
https://www.passmark.com/products/burnintest/history.php
https://www.passmark.com/products/performancetest/history.php