crowdfense

NT OS Kernel Information Disclosure Vulnerability – CVE-2025-53136

Introduction

Microsoft mitigated many traditional kernel information leaks starting with Windows 11/Windows Server 2022 24H2, including calls such as NtQuerySystemInformation() (when used with the SystemModuleInformation class), by suppressing kernel base addresses unless the caller had the SeDebugPrivilege, typically reserved for administrative processes. That change effectively neutered one of the most accessible KASLR bypass techniques, and, without knowledge of the kernel's base addresses, exploitation became harder. While doing...

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver – CVE-2025-53149

From time to time, while digging through internals during our research, we stumble upon quirks or vulnerabilities that, although not immediately useful for operations or exploitation, are still noteworthy. Rather than letting these findings fade away, we decided to responsibly disclose them to the vendor. One such case is CVE-2025-53149, a heap-based buffer overflow in the Kernel Streaming WOW Thunk...

Crowdfense – The challenge

After a few months since I joined the company, it’s perhaps time for me to write something and inaugurate our blog. First, I want to express my gratitude to the readers who have ventured into our blog for the first time. I understand your anticipation for technical content, and I assure you that this non-technical blog will only be a one-off...