CVE-2024-2204: 
Zemana AntiLogger vulnerability analysis and mitigation

Zemana AntiLogger version 2.74.204.664 contains a Denial of Service (DoS) vulnerability identified as CVE-2024-2204. The vulnerability was discovered by Andres Roldan from Fluid Attacks' Offensive Team and publicly disclosed on March 14, 2024. The vulnerability affects the zam64.sys and zamguard64.sys drivers through specific IOCTL codes (0x80002004 and 0x80002010) (Fluid Attacks).

The vulnerability stems from improper handling of IOCTL codes in the zam64.sys and zamguard64.sys drivers. When the nInBufferSize value of the IOCTL request call is 0 and the lpInBuffer is NULL, the SystemBuffer value becomes 0. The code fails to check for this condition before attempting to dereference the variable, resulting in a NULL pointer dereference. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Fluid Attacks).

When exploited, this vulnerability can cause a Blue Screen of Death (BSOD) on the affected computer due to NULL pointer dereference, leading to system denial of service (Fluid Attacks).

As of the vulnerability disclosure, there is no official patch available from the vendor to address this vulnerability (Fluid Attacks).