Severity by source
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionGitHub Advisory
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request with cbSize set to 0, up to 32KB of uninitialized stack memory from the service process is returned, leaking return addresses and stack cookies which bypass ASLR and /GS protections. Second, the handler performs a memcpy with an attacker-controlled length without verifying it fits within the 32KB stack buffer, enabling a stack buffer overflow. By chaining the information leak with the overflow, a sandboxed process can execute a ROP chain to achieve SYSTEM privilege escalation, even from a Security Hardened Sandbox. Hardware-enforced shadow stacks (Intel CET) prevent the ROP chain execution but do not mitigate the information leak. This issue has been fixed in version 1.17.3.
AnalysisAI
Stack buffer overflow in Sandboxie-Plus SbieSvc proxy service enables SYSTEM privilege escalation from sandboxed processes, including Security Hardened Sandboxes. Attackers chain an information disclosure (returning up to 32KB uninitialized stack memory with ASLR/stack cookie bypass) with an unbounded memcpy overflow in the GetRawInputDeviceInfoSlave IPC handler. Intel CET shadow stacks block ROP exploitation but not the information leak itself. Vendor-released patch available in version 1.17.3. No public exploit identified at time of analysis, but attack complexity is rated high (AC:H) with low privilege requirements (PR:L), making this viable for motivated attackers targeting sandbox environments.
Technical ContextAI
Sandboxie-Plus is a Windows application sandboxing solution that isolates untrusted processes using a kernel driver and user-mode service (SbieSvc). The vulnerability resides in the SbieSvc proxy service's IPC handler for GetRawInputDeviceInfo, which wraps Windows raw input device enumeration APIs. The flaw is a classic CWE-121 stack-based buffer overflow combined with uninitialized memory disclosure. When handling IPC requests from sandboxed processes, the service allocates a 32KB stack buffer but fails to validate the cbSize parameter before calling memcpy, allowing length-controlled overwrites. Setting cbSize=0 triggers a separate code path that returns stack garbage containing security-critical data (return addresses for ASLR bypass, stack cookies for /GS mitigation bypass). The local attack vector (AV:L) reflects the design: exploitation requires code execution inside a Sandboxie sandbox, which by definition runs locally on the target system. Attack complexity is high (AC:H) because successful exploitation requires precise memory layout knowledge, ROP chain construction, and coordination between the information leak and overflow primitives. The AT:P (Attack Requirements: Present) metric indicates specific conditions must exist for exploitation.
RemediationAI
Upgrade to Sandboxie-Plus version 1.17.3 or later, which addresses both the uninitialized memory disclosure and unbounded memcpy in the GetRawInputDeviceInfoSlave handler per GitHub advisory GHSA-7cpc-5hv7-rfmh. Organizations unable to immediately patch should consider disabling Sandboxie on systems where sandboxed processes originate from untrusted sources (malware analysis, web browser isolation), as exploitation requires code execution inside a sandbox. Hardware-enforced shadow stacks (Intel CET/Shadow Stack) provide partial mitigation by preventing ROP chain execution but do not address the information leak component, which could enable subsequent exploitation of other vulnerabilities. Restricting local user privileges does not mitigate this issue since PR:L (low privilege) sandboxed processes can exploit it. For air-gapped analysis environments, prioritize patching systems where sandbox escape would grant access to sensitive networks or data, as the SYSTEM escalation provides full host compromise. No workaround eliminates the vulnerability short of disabling the SbieSvc service entirely, which breaks all Sandboxie functionality.
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Mana
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
Local privilege escalation to SYSTEM in Intel Ethernet diagnostics driver (IQVW32.sys/IQVW64.sys versions before 1.3.1.0
Arbitrary code execution in Apple Safari, iOS/iPadOS, macOS Sequoia, and visionOS occurs when processing maliciously cra
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Stack Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-27458