Vulnerabilities > CVE-2018-3970 - Use of Uninitialized Resource vulnerability in Sophos Hitmanpro.Alert 3.7.6.744

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

sophos

CWE-908

NVD

Published: 2018-10-25

Updated: 2023-02-02

Summary

An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Sophos Sophos Hitmanpro.Alert 3.7.6.744	1

Common Weakness Enumeration (CWE)

CWE-908 - Use of Uninitialized Resource

Talos

id	TALOS-2018-0635
last seen	2019-05-29
published	2018-10-25
reporter	Talos Intelligence
source	http://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0635
title	Sophos HitmanPro.Alert hmpalert 0x222000 kernel memory disclosure vulnerability

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Talos

References