CVE-2018-6856

Name of the Vulnerable Software and Affected Versions Sophos SafeGuard Enterprise versions prior to 8.00.5 Sophos SafeGuard Easy versions prior to 7.00.3 Sophos SafeGuard LAN Crypt versions prior to 3.95.2

Description The issue allows for Local Privilege Escalation via IOCTL 0x8020601C. By crafting an input buffer, an attacker can control the execution path to the point where a global variable will be written to a user-controlled address. This condition can be exploited to zero-out the pointer to the security descriptor in the object header of a privileged process or modify the security descriptor itself, allowing code to run in the context of a process running as SYSTEM.

Recommendations For Sophos SafeGuard Enterprise versions prior to 8.00.5, update to version 8.00.5 or later. For Sophos SafeGuard Easy versions prior to 7.00.3, update to version 7.00.3 or later. For Sophos SafeGuard LAN Crypt versions prior to 3.95.2, update to version 3.95.2 or later.