Primary

Context

Sandboxie Arbitrary Kernel Read Vulnerability via API_SET_SECURE_PARAM

Vulnerability

Patched

A vulnerability in Sandboxie versions 1.3.0 prior to 1.15.12 allows for arbitrary reading of kernel memory. The issue arises in the Api_SetSecureParam function, which fails to properly validate incoming pointers, trusting that they are safe to read from. This flaw enables the SetRegValue function to read data from arbitrary addresses, including kernel pointers, and write it into a HKLM Security SBIE registry value. The retrieved data can later be accessed through API_GET_SECURE_PARAM. The vulnerability requires being called from a 'signed' process, but this restriction can potentially be bypassed through process injection.

Impact

Exploitation of this vulnerability allows for arbitrary reading of kernel memory, which could be used to access sensitive information or manipulate system behavior.

Remediation

Users can upgrade to Sandboxie version 1.15.12 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

4.6

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

4.6

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Sandboxie Arbitrary Kernel Read Vulnerability via API_SET_SECURE_PARAM

Vulnerability

Impact

Remediation

Affected Products

Sandboxie

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating