Vulnerability Description
A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sophos | Hitmanpro | <= 3.7.20 |
Related Weaknesses (CWE)
References
- https://github.com/cbayet/Exploit-CVE-2017-6008ExploitThird Party Advisory
- https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-1ExploitTechnical DescriptionThird Party Advisory
- https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-7ExploitTechnical DescriptionThird Party Advisory
- https://www.exploit-db.com/exploits/43057/
- https://www.nuitduhack.com/fr/planning/talk_10Third Party Advisory
- https://github.com/cbayet/Exploit-CVE-2017-6008ExploitThird Party Advisory
- https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-1ExploitTechnical DescriptionThird Party Advisory
- https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-7ExploitTechnical DescriptionThird Party Advisory
- https://www.exploit-db.com/exploits/43057/
- https://www.nuitduhack.com/fr/planning/talk_10Third Party Advisory
FAQ
What is CVE-2017-6008?
CVE-2017-6008 is a vulnerability with a CVSS score of 7.8 (HIGH). A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate pr...
How severe is CVE-2017-6008?
CVE-2017-6008 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-6008?
Check the references section above for vendor advisories and patch information. Affected products include: Sophos Hitmanpro.