Vulnerabilities > CVE-2018-3971 - Write-what-where Condition vulnerability in Sophos Hitmanpro.Alert 3.7.6.744

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

sophos

CWE-123

NVD

Published: 2018-10-25

Updated: 2023-02-02

Summary

An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP request to trigger this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Sophos Sophos Hitmanpro.Alert 3.7.6.744	1

Common Weakness Enumeration (CWE)

CWE-123 - Write-what-where Condition

Talos

id	TALOS-2018-0636
last seen	2019-05-29
published	2018-10-25
reporter	Talos Intelligence
source	http://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0636
title	Sophos HitmanPro.Alert hmpalert 0x2222CC privilege escalation vulnerability

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Talos

References