CVE-2014-9643

K7 Computing Ultimate Security - Memory Corruption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-9643. PoCs published by Parvez Anwar.

AI-analyzed exploit summary This exploit targets a privilege escalation vulnerability in K7 Computing's K7Sentry.sys driver (CVE-2014-9643) by leveraging arbitrary write access to overwrite the HalDispatchTable and execute a token-stealing payload, granting SYSTEM privileges. The PoC includes shellcode for Windows XP SP3 and spawns a command shell upon successful exploitation.

Description

K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.

Exploits (1)

exploitdb WORKING POC

by Parvez Anwar · clocalwindows

https://www.exploit-db.com/exploits/35992

View Code ZIP pw:eip

This exploit targets a privilege escalation vulnerability in K7 Computing's K7Sentry.sys driver (CVE-2014-9643) by leveraging arbitrary write access to overwrite the HalDispatchTable and execute a token-stealing payload, granting SYSTEM privileges. The PoC includes shellcode for Windows XP SP3 and spawns a command shell upon successful exploitation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: K7 Computing K7Sentry.sys driver (versions 12.8.0.104 and below)

No auth needed

Prerequisites: Windows XP SP3 (32-bit) · K7 Computing software with vulnerable driver installed

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1055 - Process Injection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit x_refsource_misc

http://www.greyhathacker.net/?p=818

Exploit x_refsource_misc

http://packetstormsecurity.com/files/130246/K7-Computing-14.2.0.240-Privilege-Escalation.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/113007

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/35992

Scores

EPSS 0.0073

EPSS Percentile 73.3%

Details

CWE

CWE-264

Status published

Products (4)

k7computing/anti-virus_plus < 14.2.0.252

k7computing/k7sentry.sys < 12.8.0.117

k7computing/total_security < 14.2.0.252

k7computing/ultimate_security < 14.2.0.252

Published Feb 06, 2015

Tracked Since Feb 18, 2026