CVE-2021-47789

Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. Attackers can exploit the driver by sending a 2000-byte buffer through DeviceIoControl to trigger a kernel-level system crash.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/Quadron-Research-Lab/Kernel_Driver_bugs/tree/main/GM312Fltr	Exploit
https://www.exploit-db.com/exploits/50311	Exploit
https://www.vulncheck.com/advisories/yenkee-hornet-gaming-mouse-gmfltrsys-denial-of-service-poc	Third Party Advisory
https://www.yenkee.eu/	Product
https://www.exploit-db.com/exploits/50311	Exploit

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:yenkee:yms_3029_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:yenkee:yms_3029:-:*:*:*:*:*:*:*

History

17 Jun 2026, 04:18

Type	Values Removed	Values Added
Summary		(es) El controlador GM312Fltr.sys del ratón para juegos Yenkee Hornet contiene una vulnerabilidad de desbordamiento de búfer que permite a los atacantes bloquear el sistema enviando una entrada de tamaño excesivo. Los atacantes pueden explotar el controlador enviando un búfer de 2000 bytes a través de DeviceIoControl para desencadenar un bloqueo del sistema a nivel de kernel.

30 Jan 2026, 01:01

Type	Values Removed	Values Added
First Time		Yenkee Yenkee yms 3029 Yenkee yms 3029 Firmware
CPE		cpe:2.3:o:yenkee:yms_3029_firmware:::::::: cpe:2.3:h:yenkee:yms_3029:-:::::::*
CWE		CWE-787
References	~~() https://github.com/Quadron-Research-Lab/Kernel_Driver_bugs/tree/main/GM312Fltr -~~	() https://github.com/Quadron-Research-Lab/Kernel_Driver_bugs/tree/main/GM312Fltr - Exploit
References	~~() https://www.exploit-db.com/exploits/50311 -~~	() https://www.exploit-db.com/exploits/50311 - Exploit
References	~~() https://www.vulncheck.com/advisories/yenkee-hornet-gaming-mouse-gmfltrsys-denial-of-service-poc -~~	() https://www.vulncheck.com/advisories/yenkee-hornet-gaming-mouse-gmfltrsys-denial-of-service-poc - Third Party Advisory
References	~~() https://www.yenkee.eu/ -~~	() https://www.yenkee.eu/ - Product

16 Jan 2026, 22:16

Type	Values Removed	Values Added
References	~~() https://www.exploit-db.com/exploits/50311 -~~	() https://www.exploit-db.com/exploits/50311 -

16 Jan 2026, 00:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-16 00:16

Updated : 2026-06-17 04:18

NVD link : CVE-2021-47789

Mitre link : CVE-2021-47789

CVE.ORG link : CVE-2021-47789

JSON object : View

Products Affected

yenkee

yms_3029
yms_3029_firmware

CWE

CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write

7.5 /10