< NULLCON Goa - 2026 />

About the Speaker

Priyanshu Sharma
Security Researcher & Student MIT Arts, Design and Technology University, Pune

< Talk Title />

Demystifying Driver Research: A systematic approach for vulnerability hunting

< Talk Category />

Technical Speaker

< Talk Abstract />

Hunting driver vulnerabilities usually comes down to fuzzing and hoping for crashes. This talk introduces a systematic methodology for driver analysis that upgrades the "only-fuzzing" approach into a clear five-step process. This process resulted in the discovery of 4 new zero-days, the latest being CVE-2025-60419, and 2 rediscoveries, CVE-2024-33219 and CVE-2021-3438. We will walk through the steps in detail and in sequence: mass driver collection, API call detection, driver device creation, static analysis and guided fuzzing.

Attendees will learn how to identify high-value targets among thousands of drivers, identify dangerous IOCTLs, and build a system for bug discovery. The session will help attendees understand how driver vulnerabilities are discovered, how they operate at an internal level, and how they are exploited by bad actors in BYOVD attacks.

< Speaker Bio />

Priyanshu is a security researcher studying Computer Science & Engineering at MIT Arts, Design and Technology University, Pune. He conducts low-level research on IOMMUs, drivers and peripherals. He has also worked on AV/EDR evasion strategies, including publishing a research paper on audio-based steganography. He regularly writes on his cybersecurity blog about his current work and the CVEs he has discovered.