CVE-2021-42686: 
Accops HyWorks Client vulnerability analysis and mitigation

An Integer Overflow vulnerability exists in Accops HyWorks Windows Client prior to version 3.2.8.200. The vulnerability was discovered in December 2021 and affects the IOCTL Handler 0x22001B in the Accops HyWorks Windows Client. This vulnerability is part of a larger set of USB-over-network vulnerabilities affecting multiple cloud services and products (SentinelOne Labs).

The vulnerability is tracked as CVE-2021-42686 with a CVSS v3.1 base score of 8.8 (HIGH). The issue stems from insecure arithmetic operations on user-controlled data without proper overflow checks when calculating copy size in the IOCTL Handler 0x22001B. The vulnerability is related to the handling of Type3InputBuffer in the driver, where buffer verification is inadequate, allowing for potential integer overflows through specially crafted I/O Request Packets (SentinelOne Labs).

If successfully exploited, this vulnerability allows local attackers to execute arbitrary code in kernel mode or cause a denial of service through memory corruption and OS crash. The high severity rating indicates potential for significant system compromise, including the ability to bypass security products and gain elevated privileges (NVD).

The vulnerability has been patched in Accops HyWorks Windows Client version 3.2.8.200 and later. Organizations are advised to update to the fixed version. Accops has released a utility to detect vulnerable endpoints, which is available through their support site (Bleeping Computer).

The vulnerability was part of a broader disclosure of 27 high-severity flaws affecting major cloud services, including AWS WorkSpaces, NoMachine, and Accops. The discovery highlighted significant security concerns in USB-over-network implementations used by cloud desktop solutions. Vendors responded promptly to the disclosure, with most releasing patches between June and September 2021 (Bleeping Computer).