Add STProcessMonitor Driver

CVE-2025-70795 vulnerability in STProcessMonitor Driver from Safetica
- Affects:
  - **Legacy builds (11.11.4.0+)** -> low-privilege BYOVD abuse
  - **Current build (11.26.18.0+)** -> LocalSystem-privilege BYOVD abuse


**Driver hashes:**
- `STProcessMonitor.sys` **11.11.4.0** SHA256: `70bcec00c215fe52779700f74e9bd669ff836f594df92381cbfb7ee0568e7a8b`

[STProcessMonitor.zip](https://github.com/user-attachments/files/25260360/STProcessMonitor.zip)

<img width="1024" height="594" alt="Image" src="https://github.com/user-attachments/assets/7356a72e-18a5-437f-ae7d-3ea209c4d42b" />

Poc see: https://github.com/wwwab123/BYOVD/tree/main/STProcessMonitor114-Killer 


- `STProcessMonitor.sys` **11.26.18.0** SHA256: `5b4f59236a9b950bcd5191b35d19125f60cfb9e1a1e1aa2e4f914b6745dde9df`

[STProcessMonitor.zip](https://github.com/user-attachments/files/25260613/STProcessMonitor.zip)

Poc (need LocalSystem-privilege) see: https://github.com/wwwab123/BYOVD/tree/main/STProcessMonitor2618-Killer 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add STProcessMonitor Driver #268

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add STProcessMonitor Driver #268

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions