Local Elevation of Privilege in Sophos HitmanPro.Alert
CVE-2020-9540

7.8HIGH

Key Information:

Vendor: Sophos
Status: Hitmanpro.alert
Vendor: CVE Published:; 2 March 2020

Summary

A vulnerability in Sophos HitmanPro.Alert prior to build 861 allows attackers with local access to the system to elevate their privileges. This flaw can be exploited to gain unauthorized access to sensitive areas of the system, posing potential risks to data integrity and overall security. Users are advised to update to the latest build to mitigate these risks.

References

https://www.hitmanpro.com/en-us/whatsnewalert.aspx

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 2, 2020
Vulnerability Reserved
Mar 1, 2020