High severity7.8NVD Advisory· Published Jul 9, 2018· Updated Jun 17, 2026
CVE-2018-6856
CVE-2018-6856
Description
Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x8020601C. By crafting an input buffer we can control the execution path to the point where a global variable will be written to a user controlled address. We can take advantage of this condition to zero-out the pointer to the security descriptor in the object header of a privileged process or modify the security descriptor itself and run code in the context of a process running as SYSTEM.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <7.00.3
- Range: <3.95.2
- Range: <8.00.5
Patches
Vulnerability mechanics
References
3- community.sophos.com/kb/en-us/131934nvdPatchVendor Advisory
- labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/nvdExploitTechnical DescriptionThird Party Advisory
- seclists.org/fulldisclosure/2018/Jul/20nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.