CVE-2023-44976

High PUBLISHED

Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via...

Hangzhou Shunwang · Rentdrv2

Not yet in CISA KEV

Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
High
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
Not yet in CISA KEV
CVSS / EPSS
3.2 Low EPSS 0.2%

At a Glance

Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code 0x22E010, as exploited in the wild in October 2023.

CVE Published
Aug 01, 2025
Exploitation Reported
Jun 01, 2026
CVSS
3.2 Low
EPSS
0.2%
Low complexity No user interaction

Affected Versions

Vendor Product Version Status
Hangzhou Shunwang
Rentdrv2

1aed62a63b4802e599bbd33162319129501d603cceeb5e1eb22fd4733b3018a3

Affected
Hangzhou Shunwang
Rentdrv2

9165d4f3036919a96b86d24b64d75d692802c7513f2b3054b20be40c212240a5

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.