17 matches found
CVE-2018-6474
CVE-2018-6474 affects SUPERAntiSpyware Professional Trial 6.0.1254 via the SASKUTIL.SYS driver. The vulnerability arises from not validating input values for IOCTL 0x9C402148, enabling local attackers to trigger a denial of service (BSOD) and potentially other impact. Affected component: SASKUTIL...
CVE-2020-22061
CVE-2020-22061 affects SUPERAntiSpyware v8.0.0.1050. The issue resides in the driver component saskutil64.sys and permits an attacker with local access to arbitrarily write data to the device via IOCTL 0x9C402140. CVSS data in the record indicates a local, low complexity attack with partial confi...
CVE-2018-6472
In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS driver is vulnerable due to input validation failure on IOCTL 0x9C40204c, enabling local users to trigger a denial of service (BSOD) and potentially other impact. This is supported by multiple sources (NVD, Red Hat CVE entry, CNVD,...
CVE-2018-6473
The CVE-2018-6473 entry affects SUPERAntiSpyware Professional Trial 6.0.1254 . The vulnerability is in the driver file SASKUTIL.SYS , where input values passed via IOCTL 0x9C402080 are not properly validated, enabling a local attacker to cause a denial of service (BSOD) and potentially other impa...
CVE-2018-6475
CVE-2018-6475 affects SUPERAntiSpyware Professional Trial 6.0.1254. The issue is a DLL hijacking vulnerability in SUPERAntiSpyware.exe that enables Elevation of Privileges. Root cause: DLL loading manipulation leads to privilege escalation. Impacted software is the SUPERAntiSpyware Professional T...
CVE-2018-6471
CVE-2018-6471 affects SUPERAntiSpyware Professional Trial 6.0.1254 via the SASKUTIL.SYS driver. The vulnerability arises from lack of input validation for IOCTL 0x9C402078, enabling local attackers to cause a denial of service (BSOD) and potential other impacts. OpenVAS notes a remediation of Wil...
CVE-2018-6476
Affected software: SUPERAntiSpyware Professional Trial 6.0.1254. The vulnerability is in the SASKUTIL.SYS driver, where input values for IOCTLs 0x9C402114, 0x9C402124, or 0x9C40207c are not validated, allowing a local attacker to escalate to NT AUTHORITY\SYSTEM. The issue is a privilege-escalatio...
CVE-2025-14489
RealDefense SUPERAntiSpyware is affected by a Local Privilege Escalation vulnerability in the SAS Core Service caused by an exposed dangerous function. An attacker who can run low-privileged code can exploit this to gain SYSTEM privileges and execute arbitrary code. The advisory trail (ZDI-25-116...
CVE-2025-14491
CVE-2025-14491 affects RealDefense SUPERAntiSpyware. The issue resides in the SAS Core Service and is caused by an exposed dangerous function, enabling a local attacker who can run low-privileged code to escalate privileges to SYSTEM and execute arbitrary code. The vulnerability is tied to ZDI ad...
CVE-2025-14492
RealDefense SUPERAntiSpyware contains a local privilege escalation in the SAS Core Service due to an exposed dangerous function. The flaw allows an attacker who can run low-privileged code to escalate to SYSTEM and execute arbitrary code on affected installations. CVSS v3.0 metrics indicate local...
CVE-2025-14493
CVE-2025-14493 affects RealDefense REALDefense SUPERAntiSpyware via the SAS Core Service, where an exposed dangerous function enables local privilege escalation to SYSTEM. An attacker must already have the ability to run low-privileged code; no user interaction is required. The vulnerability is v...
CVE-2025-14494
CVE-2025-14494 affects RealDefense SUPERAntiSpyware . The vulnerability resides in the SAS Core Service where an exposed dangerous function allows a local attacker who already has low-privilege code execution to escalate privileges to SYSTEM and execute arbitrary code. Multiple sources (ZDI advis...
CVE-2025-14488
RealDefense SUPERAntiSpyware is affected by a Local Privilege Escalation due to an exposed dangerous function in the SAS Core Service. The root cause is the exposed function that allows a low-privileged attacker who already has code execution on the target to escalate privileges and run arbitrary...
CVE-2025-14490
CVE-2025-14490 : RealDefense SUPERAntiSpyware contains a flaw in the SAS Core Service where an exposed dangerous function allows a local attacker to escalate privileges to SYSTEM. Exploitation requires initial access to execute low-privileged code, with no user interaction required. The impact is...
CVE-2025-14495
RealDefense SUPERAntiSpyware is affected by CVE-2025-14495 due to an exposed dangerous function in the SAS Core Service that allows a local attacker who can run low-privileged code to escalate privileges and execute arbitrary code in the context of SYSTEM. Affected product: RealDefense SUPERAntiS...
CVE-2025-14496
CVE-2025-14496 affects RealDefense SUPERAntiSpyware. The vulnerability stems from an exposed dangerous function in the SAS Core Service, enabling a local attacker with low-privilege code execution to escalate to SYSTEM and execute arbitrary code. Public documents consistently cite a local privile...
CVE-2025-14497
RealDefense SUPERAntiSpyware is affected. The issue resides in the SAS Core Service, stemming from an exposed dangerous function that enables local privilege escalation to SYSTEM when an attacker can execute low-privileged code. Multiple sources corroborate the vulnerability, including ZDI adviso...