PT-2025-22508 · Sandboxie · Sandboxie
Sgayou · Published 2025-05-22 · Updated 2025-05-22 · CVE-2025-46715
CVSS v3.1: 7.8 (High)
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Sandboxie versions 1.3.0 through 1.15.12
Description
The issue arises because Api_GetSecureParam fails to sanitize incoming pointers and implicitly trusts that the pointer passed by the user is safe to write to. GetRegValue then writes the contents of the selected SBIE registry entry to this address. An attacker can pass in a kernel pointer, and the driver dumps the registry key contents to it. This can be triggered by anyone on the system, including low integrity Windows processes.
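The missing check described above, shown as an added example that is not Sandboxie's code: a user-mode C model in which a handler writes a value to a caller-supplied destination, first without and then with a range check. The toy address space, all function names and the sample value are constructed for illustration; Windows drivers perform the equivalent check with ProbeForWrite before writing to a caller-supplied buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Toy address space (constructed): offsets [0, USER_END) model user memory,
   [USER_END, MEM_SIZE) model kernel memory. All names are hypothetical. */
#define MEM_SIZE 64u
#define USER_END 32u
static uint8_t mem[MEM_SIZE];

/* Constructed stand-in for the registry value the handler returns. */
static const uint8_t reg_value[8] = { 'S','B','I','E','D','A','T','A' };

enum { OK = 0, ERR_ACCESS = -1 };

/* Overflow-safe test that [dst, dst + len) lies wholly inside the user range.
   Written as a subtraction so that dst + len can never wrap around. */
static int user_range_ok(uint64_t dst, uint64_t len)
{
    return len <= USER_END && dst <= USER_END - len;
}

/* Flawed pattern: the caller-supplied destination is trusted as-is. */
int get_param_unchecked(uint64_t dst)
{
    /* This bound only keeps the toy inside its array; it is not a privilege check. */
    if (dst > MEM_SIZE - sizeof reg_value) return ERR_ACCESS;
    memcpy(&mem[dst], reg_value, sizeof reg_value);
    return OK;
}

/* Hardened pattern: validate the destination before any write happens. */
int get_param_checked(uint64_t dst)
{
    if (!user_range_ok(dst, sizeof reg_value)) return ERR_ACCESS;
    memcpy(&mem[dst], reg_value, sizeof reg_value);
    return OK;
}

/* Returns 1 while the modelled kernel region still holds only zeros. */
int kernel_region_clean(void)
{
    for (size_t i = USER_END; i < MEM_SIZE; i++)
        if (mem[i] != 0) return 0;
    return 1;
}
```

The checked handler also rejects a destination that starts in the user range but straddles the boundary, and one chosen so that the end address would wrap.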
Recommendations
For versions prior to 1.15.12, update to version 1.15.12 to resolve the issue.
As a temporary workaround, consider restricting access to the Api_GetSecureParam function and GetRegValue until a patch is available.
Avoid using the SBIE registry entry in the affected API endpoint until the issue is resolved.
Exploit
Fix
Memory Corruption
Weakness Enumeration
Related Identifiers
Affected Products
Sandboxie