Vulnerability CVE-2017-7441


Published: 2017-09-13

Description:
In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak occurs at the driver level, an attacker can use this vulnerability to leak some critical information about the machine such as nt!ExpPoolQuotaCookie.

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score: 7.2/10
Impact Subscore: 10/10
Exploitability Subscore: 3.9/10

Exploit range: Local
Attack complexity: Low
Authentication: Not required

Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

Affected software:
Sophos -> Hitmanpro

References:
https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-10/
https://www.nuitduhack.com/fr/planning/talk_10

Copyright 2024, cxsecurity.com
