I2OフィルタのドライバでIOCTLの処理に問題があるようです。

This vulnerability specifically exists due to insecure permissions on the \\.\I2OExc device interface. The permissions on this device allow "Everyone" write access. This could allow a locally logged-in user to access functionality designed for privileged use only.
Additionally, the IOCTL handlers for this device interface do not properly validate user-mode buffer passed to them, so an attacker can supply a fake DeviceObject pointer to a user-mode address. As such, it is possible to overwrite arbitrary memory or execute attacker-supplied code in the context of the kernel.