Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
Wincor Nixdorf wnBios64.sys driver: Unsecured data copying leads to system crash or takeover
CVE-2025-70616
Summary
A security issue in the Wincor Nixdorf wnBios64.sys driver can be exploited by an attacker with local access to crash the system or take control of it. This is because the driver does not properly check the amount of data being copied, allowing an attacker to send too much data. To fix this, update to the latest version of the driver or apply the provided patch.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| dieboldnixdorf | wnbios64.sys | 1.2.0.0 | – |
Original title
A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing boun...
Original description
A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options parameter before copying data into a 40-byte stack buffer (Src[40]) using memmove. An attacker with local access can exploit this vulnerability by sending a crafted IOCTL request with Options > 40, causing a stack buffer overflow that may lead to kernel code execution, local privilege escalation, or denial of service (system crash). Additionally, the same IOCTL handler can leak kernel addresses and other sensitive stack data when reading beyond the buffer boundaries.
nvd CVSS3.1
7.8
Vulnerability type
CWE-121
Stack-based Buffer Overflow
Published: 5 Mar 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026