Arbitrary Memory Write Vulnerability in SoftSphere DefenseWall Personal Firewall 3.24

CVE-2015-1515 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222000, 0x00222004, 0x00222008, 0x0022200c, or 0x00222010 IOCTL call.

Learn more about our User Device Pen Test.