Memory Management Flaw in Unisys Stealth Solution for Windows Endpoints
CVE-2018-6592

7.8HIGH

Key Information:

Vendor: Unisys
Status: Stealth
Vendor: CVE Published:; 19 February 2018

What is CVE-2018-6592?

A memory management vulnerability exists in the Unisys Stealth solution for Windows endpoints. Local users can exploit this flaw to gain unauthorized access to Stealth-enabled devices through improper cleanup of memory that is used for storing negotiation keys. This issue affects all versions prior to 3.3.016.1, presenting a significant security risk to users who have not applied the necessary updates.

References

http://public.support.unisys.com/common/public/vulnerabil...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 19, 2018
Vulnerability Reserved
Feb 2, 2018

CVE-2018-6592 Data

JSON