CVE-2025-46715

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-46715

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-46715.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-46715

Aliases

GHSA-67p9-6h73-ff7x

Published

2025-05-22T16:46:16.419Z

Modified

2026-04-10T05:28:30.949435Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Sandboxie Arbitrary Kernel Write in SbieDrv.sys API (API_GET_SECURE_PARAM)

Details

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, Api_GetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to write to. GetRegValue then writes the contents of the SBIE registry entry selected to this address. An attacker can pass in a kernel pointer and the driver dumps the registry key contents we requested to it. This can be triggered by anyone on the system, including low integrity windows processes. Version 1.15.12 fixes the issue.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/46xxx/CVE-2025-46715.json",
    "cwe_ids": [
        "CWE-787"
    ],
    "cna_assigner": "GitHub_M"
}

References

Affected packages

Git / github.com/sandboxie-plus/sandboxie

Affected ranges

Type: GIT
Repo: https://github.com/sandboxie-plus/sandboxie
Events: Introduced

e823533d3e240a27943323170328f2536aba73e2

Fixed

2c2ab0537b92123886036e87a1f1857e7660ce92

Affected versions

1.*

1.3.4

v1.*

v1.10.1

v1.10.2

v1.10.3

v1.10.4

v1.10.5

v1.11.0

v1.11.1

v1.11.2

v1.11.3

v1.11.4

v1.12.0

v1.12.1

v1.12.2

v1.12.3

v1.12.4

v1.12.5

v1.12.6

v1.12.7

v1.12.8

v1.12.9

v1.13.0

v1.13.1

v1.13.2

v1.13.3

v1.13.4

v1.13.5

v1.13.6

v1.13.7

v1.14.0

v1.14.1

v1.14.10

v1.14.3

v1.14.4

v1.14.5

v1.14.6

v1.14.7

v1.14.8

v1.14.9

v1.15.0

v1.15.1

v1.15.10

v1.15.2

v1.15.3

v1.15.4

v1.15.5

v1.15.6

v1.15.7

v1.15.8

v1.15.9

v1.3.0

v1.3.1

v1.3.2

v1.3.3

v1.3.5

v1.4.0

v1.4.1

v1.4.2

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.6.0

v1.6.1

v1.6.1a

v1.6.1b

v1.6.2b

v1.6.3

v1.6.4

v1.6.5

v1.6.6

v1.6.7

v1.7.0

v1.7.1

v1.7.2

v1.8.0

v1.8.1

v1.8.2

v1.8.2a

v1.8.3

v1.8.4

v1.9.0

v1.9.1

v1.9.3

v1.9.4

v1.9.6

v1.9.7

v1.9.8

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-46715.json"