CVE-2023-31096
agrsm64.sys — stack overflow in Agere Soft Modem driver (removed in January 2026 update)
Summary
| Field | Value |
|---|---|
| Driver | agrsm64.sys (Agere Soft Modem) |
| Vulnerability Class | Buffer Overflow (Stack) |
| CVSS | 7.8 |
| Exploited ITW | No |
| Patch Date | January 13, 2026 (driver removed) |
Root Cause
A stack overflow in the Agere Soft Modem driver occurs when processing crafted input. Rather than patching the vulnerability, Microsoft removed the legacy driver entirely in the January 2026 cumulative update.
Exploitation
The attacker sends crafted input to the soft modem driver. The stack overflow provides kernel code execution. No longer exploitable on systems with the January 2026 update applied (driver removed).
Exploitation Primitive
Crafted modem input → stack overflow → kernel code execution
(mitigated by driver removal)