Sandboxie-Plus
CVE-2026-45313
HIGH
Severity by source
AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Attacker must already run code inside a sandbox (AV:L, PR:L); reaching the hook-notify path needs specific timing (AC:H); escape to SYSTEM host crosses trust boundary (S:C) with full C/I/A impact.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. Prior to 1.17.6, GuiServer::WndHookRegisterSlave in Sandboxie/core/svc/GuiServer.cpp stores attacker-supplied hthread and hproc fields from a GUI_WND_HOOK_REGISTER request without validating that the thread belongs to the sandboxed process or that the function pointer is in the caller address space, and GuiServer::WndHookNotifySlave then calls OpenThread(THREAD_SET_CONTEXT, FALSE, whk->hthread) and QueueUserAPC((PAPCFUNC)whk->hproc, hThread, (ULONG_PTR)req->threadid) as SYSTEM, allowing a sandboxed process to execute arbitrary code in an unsandboxed host process. This issue is fixed in version 1.17.6.
AnalysisAI
Sandbox escape with SYSTEM-level code execution in Sandboxie-Plus before 1.17.6 allows a process confined inside a sandbox to run arbitrary code in an unsandboxed host process. The privileged GuiServer service trusts attacker-supplied thread and function-pointer values from a GUI window-hook registration request and dispatches them via QueueUserAPC while running as SYSTEM, defeating the core isolation guarantee of the product. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to first be running code inside a Sandboxie-Plus sandbox (a sandboxed process) so they can issue a GUI_WND_HOOK_REGISTER request to the local SYSTEM GuiServer - this is a local sandbox-escape, not a remote attack. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The supplied CVSS 3.1 base score is 7.7 (High) with vector AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H - local vector, high attack complexity, scope change, and full confidentiality/integrity/availability impact, which correctly captures a boundary-crossing escape. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has already achieved code execution inside a Sandboxie box - for example by luring a user to open malicious content in a sandboxed browser - sends a crafted GUI_WND_HOOK_REGISTER request to the SYSTEM GuiServer with an hthread handle and an hproc function pointer under their control. When the hook fires, GuiServer executes the attacker's pointer via QueueUserAPC as SYSTEM in a host process, breaking out of the sandbox and elevating to full system compromise. … |
| Remediation | Vendor-released patch: 1.17.6 (classic 5.72.6) - upgrade all installations to this version or later, per advisory GHSA-rmv3-fhg3-75xh and the release at https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.17.6, which adds the missing validation of the hthread/hproc fields in GuiServer's window-hook handling. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, audit all systems running Sandboxie-Plus versions prior to 1.17.6 and stop using the product for containment of untrusted code; document what applications or workloads were previously sandboxed. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Sandboxie 5.26 allows a Sandbox Escape via an "import os" statement, followed by os.system("cmd") or os.system("powershe
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated high sev
Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supply
An incorrect access control issue in Sandboxie Classic v5.55.13 allows attackers to cause a Denial of Service (DoS) in t
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated medium s
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated high sev
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated high sev
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Rated high sev
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today