CVE-2018-4863 - 7PK - Security Features vulnerability in Sophos Endpoint Protection 10.7
Attack vector | LOCAL |
Attack complexity | LOW |
Privileges required | LOW |
Confidentiality impact | NONE |
Integrity impact | HIGH |
Availability impact | NONE |
Summary
Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass. CVE-2018-4863. Local exploit for Windows platform |
file | exploits/windows/local/44410.txt |
id | EDB-ID:44410 |
last seen | 2018-05-24 |
modified | 2018-04-06 |
platform | windows |
port | |
published | 2018-04-06 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/44410/ |
title | Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass |
type | local |
Packetstorm
data source | https://packetstormsecurity.com/files/download/147039/SOPHOS-ENDPOINT-PROTECTION-v10.7-TAMPER-PROTECTION-BYPASS-CVE-2018-4863.txt |
id | PACKETSTORM:147039 |
last seen | 2018-04-05 |
published | 2018-04-04 |
reporter | hyp3rlinx |
source | https://packetstormsecurity.com/files/147039/Sophos-Endpoint-Protection-10.7-Tamper-Protection-Bypass.html |
title | Sophos Endpoint Protection 10.7 Tamper Protection Bypass |
References
- http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-v10.7-TAMPER-PROTECTION-BYPASS-CVE-2018-4863.txt
- http://seclists.org/fulldisclosure/2018/Apr/6
- https://www.exploit-db.com/exploits/44410/