Description
Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.
References (3)
Core 3
Core References
Exploit x_refsource_misc
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Dec/47
Scores
EPSS
0.0063
EPSS Percentile
46.0%
Details
CWE
CWE-119
Status
published
Products (1)
k7computing/k7firewall_packet_driver
< 14.0.1.15
Published
Dec 12, 2014
Tracked Since
Feb 18, 2026