CVE-2025-7771 – “ThrottleStop.sys Kernel Memory Access Vulnerability”

CVE ID : CVE-2025-7771

Published : Aug. 6, 2025, 10:15 a.m. | 1 hour, 29 minutes ago

Description : ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections. ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…