Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Sophos Patches Privilege Escalation Flaws in SafeGuard Products

Researchers discovered several vulnerabilities in Sophos SafeGuard full-disk and file encryption products. The flaws allow an attacker to escalate privileges on a compromised device and execute arbitrary code with SYSTEM permissions.

Researchers discovered several vulnerabilities in Sophos SafeGuard full-disk and file encryption products. The flaws allow an attacker to escalate privileges on a compromised device and execute arbitrary code with SYSTEM permissions.

A total of seven local privilege escalation vulnerabilities have been identified by researchers at Nettitude. The security holes can be exploited via various IOCTL calls using specially crafted input buffers that allow attackers to control the execution path.

Nettitude has published technical details for each of the flaws, along with a video showing how an attacker with access to the targeted device can escalate privileges to SYSTEM.

According to an advisory published on Tuesday by Sophos, the vulnerabilities affect various versions of SafeGuard Enterprise Client, SafeGuard Easy and SafeGuard LAN Crypt for Windows. The bugs have been assigned the CVE identifiers CVE-2018-6851 through CVE-2018-6857.

“Sophos is not aware of any attacks leveraging those vulnerabilities or exploits for them being available,” the security firm wrote in its advisory. “Exploitation of those vulnerabilities requires running malicious code on the target machine and can result in privilege escalation. This vulnerability is not remotely exploitable (i.e. over the network).”

The vulnerabilities were reported to Sophos in January and patches were created in April. Sophos has advised users to install the available patches.

Related: Flaw in F-Secure Products Allowed Code Execution via Malicious Archives

Advertisement. Scroll to continue reading.

Related: Antivirus Quarantine Flaws Allow Privilege Escalation

Related: Dozen Flaws Found in Trend Micro Email Encryption Gateway

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Mike Byron has been named Chief Financial Officer (CFO) at Exabeam.

Ex-GitHub chief technology officer Mike Hanley has joined GM as CISO.

Network security and compliance assurance firm Titania has appointed Victoria Dimmick as CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.