Skip to main content

Sandboxie-Plus CVE-2026-45313

HIGH
Improper Access Control (CWE-284)
2026-07-15 GitHub_M
7.7
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
7.7 HIGH
AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
vuln.today AI
7.8 HIGH

Attacker must already run code inside a sandbox (AV:L, PR:L); reaching the hook-notify path needs specific timing (AC:H); escape to SYSTEM host crosses trust boundary (S:C) with full C/I/A impact.

3.1 AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
4.0 AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Source Code Evidence Fetched
Jul 15, 2026 - 22:06 vuln.today
Analysis Generated
Jul 15, 2026 - 22:06 vuln.today
CVE Published
Jul 15, 2026 - 21:21 cve.org
HIGH 7.7

DescriptionCVE.org

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. Prior to 1.17.6, GuiServer::WndHookRegisterSlave in Sandboxie/core/svc/GuiServer.cpp stores attacker-supplied hthread and hproc fields from a GUI_WND_HOOK_REGISTER request without validating that the thread belongs to the sandboxed process or that the function pointer is in the caller address space, and GuiServer::WndHookNotifySlave then calls OpenThread(THREAD_SET_CONTEXT, FALSE, whk->hthread) and QueueUserAPC((PAPCFUNC)whk->hproc, hThread, (ULONG_PTR)req->threadid) as SYSTEM, allowing a sandboxed process to execute arbitrary code in an unsandboxed host process. This issue is fixed in version 1.17.6.

AnalysisAI

Sandbox escape with SYSTEM-level code execution in Sandboxie-Plus before 1.17.6 allows a process confined inside a sandbox to run arbitrary code in an unsandboxed host process. The privileged GuiServer service trusts attacker-supplied thread and function-pointer values from a GUI window-hook registration request and dispatches them via QueueUserAPC while running as SYSTEM, defeating the core isolation guarantee of the product. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain code execution inside sandboxed process
Delivery
Craft GUI_WND_HOOK_REGISTER with malicious hthread/hproc
Exploit
Send request to SYSTEM GuiServer
Execution
Trigger WndHookNotifySlave QueueUserAPC path
Persist
Execute attacker pointer as SYSTEM in host
Impact
Escape sandbox, full system compromise

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to first be running code inside a Sandboxie-Plus sandbox (a sandboxed process) so they can issue a GUI_WND_HOOK_REGISTER request to the local SYSTEM GuiServer - this is a local sandbox-escape, not a remote attack. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The supplied CVSS 3.1 base score is 7.7 (High) with vector AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H - local vector, high attack complexity, scope change, and full confidentiality/integrity/availability impact, which correctly captures a boundary-crossing escape. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has already achieved code execution inside a Sandboxie box - for example by luring a user to open malicious content in a sandboxed browser - sends a crafted GUI_WND_HOOK_REGISTER request to the SYSTEM GuiServer with an hthread handle and an hproc function pointer under their control. When the hook fires, GuiServer executes the attacker's pointer via QueueUserAPC as SYSTEM in a host process, breaking out of the sandbox and elevating to full system compromise. …
Remediation Vendor-released patch: 1.17.6 (classic 5.72.6) - upgrade all installations to this version or later, per advisory GHSA-rmv3-fhg3-75xh and the release at https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.17.6, which adds the missing validation of the hthread/hproc fields in GuiServer's window-hook handling. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, audit all systems running Sandboxie-Plus versions prior to 1.17.6 and stop using the product for containment of untrusted code; document what applications or workloads were previously sandboxed. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-45313 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy