The abuse of vulnerable drivers (BYOVD)

The abuse of vulnerable drivers, known as BYOVD (Bring Your Own Vulnerable Driver), has emerged in recent years as an increasingly common and accessible attack technique. It exploits vulnerabilities in drivers to gain full access to system memory and evade defence mechanisms. With the wide availability of vulnerable third-party drivers and of tools that can exploit them, such attacks are becoming a significant threat to the security of data and IT infrastructures. The methods cyber criminals use to identify and exploit vulnerable drivers, and the strategies for mitigating these types of threats, will be examined.