Information disclosure in HitmanPro.Alert - CVE-2018-3970
Published: October 25, 2018 / Updated: August 8, 2020
Vulnerability identifier: #VU36480
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-3970
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Sophos
Affected software:
HitmanPro.Alert
HitmanPro.Alert
Detailed vulnerability description
The vulnerability allows a local authenticated user to gain access to sensitive information.
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.
How to mitigate CVE-2018-3970
Install update from vendor's website.