ID CVE-2018-3970
Summary An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.
References
Vulnerable Configurations
  • cpe:2.3:a:sophos:hitmanpro.alert:3.7.6.744:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 02-02-2023 - 13:47)
Impact:
Exploitability:
CWE CWE-908
CAPEC
Access
Vector: LOCAL
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 105743
misc https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0635
Last major update 02-02-2023 - 13:47
Published 25-10-2018 - 18:29
Last modified 02-02-2023 - 13:47