Sophos Patched RCE and Memory Disclosure Vulnerabilities in HitmanPro.Alert

Two security issues in HitmanPro.Alert, Sophos's malware detection and protection utility, affect versions up to and including 3.7.6.744. As disclosed by Marcin Noga of Cisco Talos, they could allow potential attackers to gain elevated privileges and execute code remotely, and to read kernel memory contents on targeted machines.

Sophos patched both vulnerabilities on September 17, following Cisco Talos's initial disclosure on July 23, and they have now been publicly disclosed.

The CVE-2018-3971 privilege escalation vulnerability affects the IOCTL handler function of Sophos's HitmanPro.Alert anti-malware solution. It allows any system user to write to memory by sending a maliciously crafted IRP to the hmpalert device.

Following the successful exploitation of this security issue, t...
