CVE-2014-9643

Name: CVE-2014-9643
Creator: NVD / NIST
Published: 2015-02-06T15:59:11.477+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.05%

Last modified Jun 17, 2026

CVE-2014-9643 is a vulnerability of currently unknown severity. K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.. EPSS estimates a 1.05% chance of exploitation in the next 30 days.

Description

K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.

Metrics

EPSS Probability

1.05%

59.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-264

Affected Software

Vendor	Product	Versions
K7computing	K7sentry.Sys	<= 12.8.0.117
K7computing	Anti-Virus Plus	<= 14.2.0.252
K7computing	Total Security	<= 14.2.0.252
K7computing	Ultimate Security	<= 14.2.0.252

References

Timeline

Published: Feb 6, 2015
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2014-9643?

How severe is CVE-2014-9643?

Severity scoring for CVE-2014-9643 is pending analysis. The EPSS model estimates a 1.05% probability of exploitation in the next 30 days.

How do I fix CVE-2014-9643?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2014-9643?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST