| Product | HTC Windows Phone 7 Phones |
| Severity | High |
| CVE Reference | N/A |
| Type | HTC Windows Phone 7 – Arbitrary Read/Write of Kernel Memory |
A device driver (HTCUtility.dll) was found on HTC Windows Phone 7 phones which would allow an attacker to read/write arbitrary kernel memory through the use of a specific DeviceIoControl request. No security policies were found to restrict access to this device from the low privileged chamber if the required capability (ID_CAP_INTEROPSERVICES) was provisioned.