Описание
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP request to trigger this vulnerability.
Ссылки
- Broken LinkThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
9.3 Critical
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP request to trigger this vulnerability.
EPSS
9.3 Critical
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2