CVE-2024-8885

Severity Score

8.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files.

*Credits: Sina Kheirkhah (@SinSinology) of watchTowr (https://watchtowr.com)

CVSS Scores

Sophos Limitedv3.1 8.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

None

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2024-09-16 CVE Reserved
2024-10-02 CVE Published
2024-10-02 CVE Updated
2024-10-03 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-502: Deserialization of Untrusted Data
CWE-1104: Use of Unmaintained Third Party Components

CAPEC

CAPEC-113: Interface Manipulation

References (1)

URL	Tag	Source
https://www.sophos.com/en-us/security-advisories/sophos-sa-20241002-cde-lpe

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Sophos Search vendor "Sophos"		Sophos Intercept X Search vendor "Sophos" for product "Sophos Intercept X"				< 2024.2.0 Search vendor "Sophos" for product "Sophos Intercept X" and version " < 2024.2.0"		en		Affected