First published: Thu Oct 25 2018(Updated: )
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Sophos HitmanPro.Alert | =3.7.6.744 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2018-3970.
The severity of CVE-2018-3970 is medium (5.5).
CVE-2018-3970 affects Sophos HitmanPro.Alert version 3.7.6.744.
CVE-2018-3970 allows an attacker to disclose kernel memory through a specially crafted IRP request.
To fix CVE-2018-3970, update to the latest version of Sophos HitmanPro.Alert.