PT-2022-11244 · Webroot · Webroot Secure Anywhere

Emmanuel Tacheau

Published

2022-04-14

Updated

2022-04-22

CVE-2021-40424

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Webroot Secure Anywhere version 21.4

Description An out-of-bounds read issue exists in the IOCTL GetProcessCommand and B 03 of Webroot Secure Anywhere. A specially-crafted executable can lead to denial of service. An attacker can issue an ioctl to trigger this issue. The GetProcessCommandLine IOCTL request could cause an out-of-bounds read in the device driver WRCore x64.

Recommendations For Webroot Secure Anywhere version 21.4, consider restricting access to the IOCTL GetProcessCommand and B 03 until a patch is available. As a temporary workaround, avoid using the GetProcessCommandLine IOCTL request in the device driver WRCore x64 to minimize the risk of exploitation.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2021-40424

Affected Products

Webroot Secure Anywhere

PT-2022-11244 · Webroot · Webroot Secure Anywhere

CVE-2021-40424

Weakness Enumeration

Related Identifiers

Affected Products

References · 4