... Loading ...

SSD Secure Disclosure

Disclosing vulnerabilities responsibly since 2007

SSD Advisory – K7 Total Security Device Driver Arbitrary Memory Read

Vulnerability Summary
The following advisory describes an Crash found in K7 Total Security.
Credit
An independent security researcher, Kyriakos Economou aka @kyREcon, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
Vendor response
K7 has released patches to address this vulnerability – K7TotalSecurity version 15.1.0.305
CVE: CVE-2017-18019

Vulnerability details
User controlled input to K7Sentry device is not sufficiently sanitized, the user controlled input can be used to compare an arbitrary memory address with a fixed value which in turn can be used to read the content of arbitrary memory.
Crash report
By sending invalid kernel pointer we can crash the K7 Total Security process as shown here:

Proof of Concept
The PoC has been tested on Windows 7 x86

Print Friendly, PDF & Email

Leave a Reply