CVE-2017-6008

Name: CVE-2017-6008
Creator: NVD / NIST
Published: 2017-09-13T08:29:00.36+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.90%

Last modified Jun 17, 2026

CVE-2017-6008 is a vulnerability of currently unknown severity. A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call.. EPSS estimates a 1.90% chance of exploitation in the next 30 days.

Description

A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call.

Metrics

EPSS Probability

1.90%

77.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Sophos	Hitmanpro	<= 3.7.20

References

https://github.com/cbayet/Exploit-CVE-2017-6008Exploit, Third Party Advisory
https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-10/Exploit, Technical Description, Third Party Advisory
https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-7/Exploit, Technical Description, Third Party Advisory
https://www.exploit-db.com/exploits/43057/
https://www.nuitduhack.com/fr/planning/talk_10Third Party Advisory
https://github.com/cbayet/Exploit-CVE-2017-6008Exploit, Third Party Advisory
https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-10/Exploit, Technical Description, Third Party Advisory
https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-7/Exploit, Technical Description, Third Party Advisory
https://www.exploit-db.com/exploits/43057/
https://www.nuitduhack.com/fr/planning/talk_10Third Party Advisory

Timeline

Published: Sep 13, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-6008?

How severe is CVE-2017-6008?

Severity scoring for CVE-2017-6008 is pending analysis. The EPSS model estimates a 1.90% probability of exploitation in the next 30 days.

How do I fix CVE-2017-6008?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-6008?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST