High severity7.8NVD Advisory· Published Sep 13, 2017· Updated Jun 17, 2026
CVE-2017-7441
CVE-2017-7441
Description
In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak occurs at the driver level, an attacker can use this vulnerability to leak some critical information about the machine such as nt!ExpPoolQuotaCookie.
Affected products
1Patches
Vulnerability mechanics
References
2- trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-10/nvdExploitMitigationThird Party Advisory
- www.nuitduhack.com/fr/planning/talk_10nvdThird Party Advisory
News mentions
0No linked articles in our index yet.