CVE-2021-42683: 
Accops HyWorks Client vulnerability analysis and mitigation

A Buffer Overflow vulnerability was discovered in Accops HyWorks Windows Client versions prior to v3.2.8.200. The vulnerability was identified and disclosed in December 2021, affecting the IOCTL Handler 0x22001B component of the software (SentinelOne Labs).

The vulnerability exists in the IOCTL Handler 0x22001B which improperly handles buffer management, allowing for buffer overflow conditions. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H, indicating local access required with low attack complexity (NVD).

If successfully exploited, this vulnerability allows local attackers to execute arbitrary code in kernel mode or cause a denial of service through memory corruption and operating system crash. The high severity rating indicates potential for significant impact on system confidentiality, integrity, and availability (SentinelOne Labs).

The vulnerability has been patched in Accops HyWorks Windows Client version 3.2.8.200 and later. Organizations are advised to upgrade to the latest version to mitigate the risk. Accops has released a utility to detect vulnerable endpoints, which is available through their support site (SentinelOne Labs).