The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

DAEMON Tools 222850h IOCTL Handling Privilege Escalation Vulnerability

Secunia ID


Release Date

12 Mar 2012


Less Critical

Solution Status

Vendor Patch


DAEMON Tools Lite 4.x


Local system

DoS (Denial of Service)

This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.

Privilege escalation

This covers vulnerabilities where a user is able to conduct certain tasks with the privileges of other users or administrative users.

This typically includes cases where a local user on a client or server system can gain access to the administrator or root account thus taking full control of the system.


ADLab has discovered a vulnerability in DAEMON Tools, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

The vulnerability is caused due to an indexing error when processing the 0x00222850 IOCTL in dtsoftbus01.sys. This can be exploited to write a DWORD value into arbitrary kernel memory.

Successful exploitation may allow execution of arbitrary code with SYSTEM privileges.

The vulnerability is confirmed in version Other versions may also be affected.


Update to version

Reported by

ADLab, VenusTech via Secunia.