CVE-2025-61155 identifies a security vulnerability in the GameDriverX64.sys kernel-mode anti-cheat driver, versions 7.23.4.7 and earlier. The flaw lies in an IOCTL handler that lacks proper access control and authentication checks. User-mode processes with low privileges can open a handle to the driver device and send specially crafted IOCTL requests. These requests are executed in kernel mode without validation, enabling attackers to terminate arbitrary processes, including critical system and security services. This can lead to denial of service conditions by disrupting essential OS functions or security software. The vulnerability does not impact confidentiality or integrity directly but severely affects availability. Exploitation requires local access with low privileges but no administrative rights or user interaction, increasing the risk of misuse by unprivileged users or malware. The CVSS v3.1 score is 5.5 (medium severity), reflecting the ease of exploitation and high impact on availability. No patches or known exploits are currently reported, but the vulnerability represents a significant risk for systems running the affected anti-cheat driver, commonly used in gaming environments. The underlying CWE-400 (Uncontrolled Resource Consumption) suggests the vulnerability could be leveraged to exhaust system resources or disrupt process management.

For European organizations, the primary impact of CVE-2025-61155 is on system availability and operational continuity. The ability to terminate critical system and security processes without administrative privileges can lead to denial of service, disabling endpoint protection, or causing system instability. This is particularly concerning for organizations with gaming-related operations, e-sports platforms, or those using the affected anti-cheat software. Additionally, compromised availability of security services increases the risk of further exploitation by other malware or attackers. Although confidentiality and integrity are not directly affected, the disruption of security services can indirectly facilitate more severe attacks. The vulnerability's local access requirement limits remote exploitation but does not eliminate risk from insider threats or malware running with user-level privileges. European organizations with high reliance on gaming infrastructure or sensitive operational environments should prioritize mitigation to prevent potential service disruptions and security lapses.

1. Restrict access to the GameDriverX64.sys device interface by enforcing strict permissions, ensuring only trusted processes and users can communicate with the driver. 2. Implement application whitelisting and endpoint protection to detect and block unauthorized attempts to open handles or send IOCTL requests to the driver. 3. Monitor system logs and kernel driver interactions for unusual IOCTL activity indicative of exploitation attempts. 4. Isolate gaming or anti-cheat software environments from critical business systems to limit potential impact. 5. Engage with the software vendor to obtain patches or updates addressing the vulnerability as soon as they become available. 6. Educate users about the risks of running untrusted software that may exploit this vulnerability. 7. Employ least privilege principles to minimize the number of users and processes with access to the vulnerable driver. 8. Consider temporary disabling or uninstalling the affected anti-cheat driver if feasible until a patch is released.