CVE-2014-7136 – Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]

Posted by Portcullis Advisories on Dec 10

Vulnerability title: Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]
CVE: CVE-2014-7136
Vendor: K7 Computing
Product: Multiple Products [K7FWFilt.sys]
Affected version: Earlier and including 11.0.1.5
Fixed version: 14.0.1.16
Reported by: Kyriakos Economou
Details:

Latest, and possibly earlier versions of K7FWFilt.sys kernel mode driver, also named as the ‘K7Firewall Packet Driver’,
suffers from a heap overflow…

Leave a Reply