CVE-2018-5718

HIGH

SafenSoft SysWatch <4.4.1 - Memory Corruption

Title source: llm
STIX 2.1

Description

Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1 allows local users to cause a denial of service (BSOD) or modify kernel-mode memory via loading of a forged DLL into an user-mode process.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.safensoft.com/security.phtml?c=865

Scores

CVSS v3 7.1
EPSS 0.0027
EPSS Percentile 19.2%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Details

CWE
CWE-119
Status published
Products (3)
safensoft/softcontrol_enterprise_suite < 4.4.1
safensoft/softcontrol_syswatch < 4.4.1
safensoft/softcontrol_tpsecure < 4.4.1
Published Jun 12, 2018
Tracked Since Feb 18, 2026