← Cybersecurity Alphabet Soup

BYOVD

Bring Your Own Vulnerable Driver

attackshard

Bring Your Own Vulnerable Driver is a technique where attackers install a legitimately signed but vulnerable device driver, then exploit it to gain kernel-level access. Because the driver is validly signed, the operating system loads it without complaint. Attackers use this to disable security software from below, which is why vendors now maintain blocklists of known-bad drivers.

Sources

More in attacks