CVE-2018-6856
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-6856
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x8020601C. By crafting an input buffer we can control the execution path to the point where a global variable will be written to a user controlled address. We can take advantage of this condition to zero-out the pointer to the security descriptor in the object header of a privileged process or modify the security descriptor itself and run code in the context of a process running as SYSTEM.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Sophos SafeGuard Enterprise、SafeGuard Easy和SafeGuard LAN Crypt 权限许可和访问控制问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Sophos SafeGuard Enterprise、SafeGuard Easy和SafeGuard LAN Crypt都是英国Sophos公司的产品。Sophos SafeGuard Enterprise是一套数据安全加密和数据防泄漏解决方案;SafeGuard Easy是一款提供了硬盘加密功能的网络安全组件;SafeGuard LAN Crypt是一套用于数据加密并提供授权管理功能的解决方案。 Sophos SafeGuard Enterprise 8.00.5之前版本、SafeGuard Eas
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2018-6856
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-6856
请登录查看更多情报信息。
- https://community.sophos.com/kb/en-us/131934x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2018-6856
Same Patch Batch · n/a · 2018-07-09 · 423 CVEs total
| CVE-2018-13739 | dopnetwork 数字错误漏洞 | |
| CVE-2018-13752 | Thread 数字错误漏洞 | |
| CVE-2018-13751 | JustWallet 数字错误漏洞 | |
| CVE-2018-13750 | RichiumToken 数字错误漏洞 | |
| CVE-2018-13749 | FinalToken 数字错误漏洞 | |
| CVE-2018-13748 | CarToken 数字错误漏洞 | |
| CVE-2018-13747 | VanMinhCoin 数字错误漏洞 | |
| CVE-2018-13746 | kBit 数字错误漏洞 | |
| CVE-2018-13745 | STCToken 数字错误漏洞 | |
| CVE-2018-13744 | Crowdnext 数字错误漏洞 | |
| CVE-2018-13743 | SuperEnergy 输入验证错误漏洞 | |
| CVE-2018-13742 | tickets 数字错误漏洞 | |
| CVE-2018-13741 | ABLGenesisToken 数字错误漏洞 | |
| CVE-2018-13740 | OneChain 数字错误漏洞 | |
| CVE-2018-13729 | JPMD100B 数字错误漏洞 | |
| CVE-2018-13732 | RiptideCoin 数字错误漏洞 | |
| CVE-2018-13731 | TokenMACHU 数字错误漏洞 | |
| CVE-2018-13730 | HEY 数字错误漏洞 | |
| CVE-2018-13733 | ProjectJ 数字错误漏洞 | |
| CVE-2018-13728 | JixoCoin 数字错误漏洞 |
Showing top 20 of 423 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8747
Z-BlogPHP Commend Approval c_system_event.php CheckComment i - CVE-2026-8746
Open5GS NRF nghttp2-server.c discover_handler use after free - CVE-2026-8745
Open5GS AUSF nausf-handler.c ogs_timer_add denial of service - CVE-2026-8744
Open5GS NRF context.c ogs_sbi_nf_service_add denial of servi - CVE-2026-8743
Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id impr
V. Comments for CVE-2018-6856
No comments yet