cbcvebase.
CVE-2014-9643
published 2015-02-06

CVE-2014-9643: K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory…

PriorityP338high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.05%
59.9th percentile
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.

Affected

4 ranges
VendorProductVersion rangeFixed in
k7computinganti-virus_plus<= 14.2.0.252
k7computingk7sentry.sys<= 12.8.0.117
k7computingtotal_security<= 14.2.0.252
k7computingultimate_security<= 14.2.0.252
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.