Local Privilege Escalation Vulnerability in Sophos Anti-Virus
CVE-2010-2308

Currently unrated

Key Information:

Vendor
Sophos
Vendor
CVE Published:
16 June 2010

Summary

An unspecified vulnerability exists in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus prior to version 7.6.20. This flaw allows local users to exploit crafted arguments passed to the NtQueryAttributesFile function, potentially granting them elevated privileges on the system. Organizations using affected versions of Sophos Anti-Virus are urged to assess their security measures and apply updates to mitigate the risks associated with this vulnerability.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.