Published: 05/04/2018 Updated: 18/05/2018

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 215

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sophos endpoint protection 10.7

Sophos Endpoint Protection version 107 suffers from a tamper protection bypass vulnerability ...

[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinxaltervistaorg [+] Source: hyp3rlinxaltervistaorg/advisories/SOPHOS-ENDPOINT-PROTECTION-v107-TAMPER-PROTECTION-BYPASS-CVE-2018-4863txt [+] ISR: Apparition Security Vendor: ============= wwwsophoscom Product: =========== Sophos Endpoint Protection v107 ...

CWE-254 http://seclists.org/fulldisclosure/2018/Apr/6 http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-v10.7-TAMPER-PROTECTION-BYPASS-CVE-2018-4863.txt https://www.exploit-db.com/exploits/44410/https://nvd.nist.gov https://packetstormsecurity.com/files/147039/Sophos-Endpoint-Protection-10.7-Tamper-Protection-Bypass.html https://www.exploit-db.com/exploits/44410/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-4863

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect