Privilege escalation in Dell Protected Workspace and Invicea-X - CVE-2016-9038
Published: July 5, 2017 / Updated: July 5, 2017
Vulnerability identifier: #VU7321
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-9038
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Dell
Invicea
Invicea
Affected software:
Dell Protected Workspace
Invicea-X
Dell Protected Workspace
Invicea-X
Detailed vulnerability description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to double fetch race condition in the SboxDrv.sys driver functionality. A local attacker can send specially crafted data to the \Device\SandboxDriverApi device driver, trigger kernel memory corruption and gain system privileges.
Successful exploitation of the vulnerability may result in privilege escalation.
The weakness exists due to double fetch race condition in the SboxDrv.sys driver functionality. A local attacker can send specially crafted data to the \Device\SandboxDriverApi device driver, trigger kernel memory corruption and gain system privileges.
Successful exploitation of the vulnerability may result in privilege escalation.
How to mitigate CVE-2016-9038
Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.