Severity
High
Resolved LPE in HitmanPro.Alert (CVE-2021-25270)
CVE(S)
CVE-2021-25270
PRODUCT(S)
HitmanPro.Alert
Updated
2021 Oct 7
Article Version
2
First Published
2021 Oct 7
Publication ID
sophos-sa-20211007-hmpa-lpe
Workaround
No
Overview
A local privilege escalation vulnerability in HitmanPro.Alert was discovered and responsibly disclosed to Sophos through the Sophos bug bounty program by an external security researcher. The vulnerability has been fixed. No action is required from customers, as HitmanPro.Alert updates are installed automatically by default.
Sophos would like to thank Michael Bourque (@downwithupsec) for responsibly disclosing the issue to Sophos.
The vulnerability could have allowed a local user to execute arbitrary code with administrator privileges; the fix removes this possibility. There was no evidence that the vulnerability was exploited, and to our knowledge no customers are impacted.
Applies to the following Sophos product(s) and version(s)
- Sophos HitmanPro.Alert versions prior to Build 901
The Sophos Intercept X family is not impacted by this advisory.
Remediation
- Fix included in HitmanPro.Alert Build 901 and Build 903, released June 23, 2021
Related Information
Sophos Responsible Disclosure Policy
To learn about Sophos security vulnerability disclosure policies and publications, see the Responsible Disclosure Policy.