CVE-2018-6318

Name of the Vulnerable Software and Affected Versions Sophos Tester Tool version 3.2.0.7 Beta

Description The issue allows for a DLL Hijacking attack due to the lack of validation of a DLL loaded by the driver. This DLL is loaded from NTDLL.DLL in the context of the application, and an attacker can replace it with a malicious DLL of the same name, either locally or through a remote connection. When the product is used, the malicious DLL will be loaded.

Recommendations For Sophos Tester Tool version 3.2.0.7 Beta, as a temporary workaround, consider restricting access to the DLL loading mechanism to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.