Description
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request with cbSize set to 0, up to 32KB of uninitialized stack memory from the service process is returned, leaking return addresses and stack cookies which bypass ASLR and /GS protections. Second, the handler performs a memcpy with an attacker-controlled length without verifying it fits within the 32KB stack buffer, enabling a stack buffer overflow. By chaining the information leak with the overflow, a sandboxed process can execute a ROP chain to achieve SYSTEM privilege escalation, even from a Security Hardened Sandbox. Hardware-enforced shadow stacks (Intel CET) prevent the ROP chain execution but do not mitigate the information leak. This issue has been fixed in version 1.17.3.
Published: 2026-05-05
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Sandboxie-Plus versions 1.17.2 and earlier contain two linked defects in the SbieSvc proxy service. When a sandboxed process calls GetRawInputDeviceInfoSlave with a zero-sized request (cbSize set to 0), the handler returns up to 32 KB of uninitialized stack data, exposing return addresses and stack cookies that ASLR and /GS are meant to protect. A second defect performs an unchecked memcpy into the same 32 KB stack buffer with an attacker-controlled length, allowing a controlled stack overflow. These weaknesses can be chained: the memory leak supplies the addresses needed to build a return-oriented programming (ROP) chain, and the overflow then overruns the stack so that the chain runs with SYSTEM privileges, even from a Security-Hardened Sandbox. Hardware-enforced Intel CET shadow stacks block the ROP execution but do not stop the leak. The result is a local privilege escalation that lets code running inside the sandbox gain SYSTEM privileges on the host.
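The two defect classes described in the Description and in the Impact paragraph above, shown as a generic IPC handler "before" and "after" in C. This is an added example and is not Sandboxie-Plus's code: `ipc_request_t`, `ipc_reply_t`, `handle_request_vulnerable`, `handle_request_hardened`, `stale_bytes`, `probe_hardened` and the constructed 0xA5 payload are hypothetical names and data; only the 32 KB buffer size and the `cbSize` field name are taken from the advisory text.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical service-side reply buffer, sized like the 32 KB stack buffer the
 * advisory describes. Nothing in this file is Sandboxie's code. */
#define REPLY_BUF_SIZE (32u * 1024u)

typedef struct {
    uint32_t       cbSize;   /* caller-supplied byte count (the attacker-controlled length) */
    const uint8_t *data;     /* caller-supplied bytes */
} ipc_request_t;

typedef struct {
    uint32_t length;                /* how many bytes the service says are valid */
    uint8_t  bytes[REPLY_BUF_SIZE]; /* what is marshalled back to the sandbox */
} ipc_reply_t;

typedef enum { IPC_OK = 0, IPC_ERR_BAD_SIZE = 1 } ipc_status_t;

/* "Before": the two defect classes the advisory describes, in their simplest form.
 *  (1) stackbuf is never initialised, and a zero cbSize makes the handler report the
 *      whole buffer as valid, so stale stack contents (return addresses, /GS cookies)
 *      travel back to the caller.
 *  (2) memcpy trusts cbSize with no comparison against REPLY_BUF_SIZE. */
ipc_status_t handle_request_vulnerable(const ipc_request_t *req, ipc_reply_t *out)
{
    uint8_t stackbuf[REPLY_BUF_SIZE];                         /* (1) uninitialised */
    memcpy(stackbuf, req->data, req->cbSize);                  /* (2) unchecked length */
    out->length = req->cbSize ? req->cbSize : REPLY_BUF_SIZE;  /* (1) cbSize==0 -> 32 KB */
    memcpy(out->bytes, stackbuf, out->length);
    return IPC_OK;
}

/* "After": validate the length before touching memory, initialise every buffer
 * that can reach the caller, and copy only what was checked. */
ipc_status_t handle_request_hardened(const ipc_request_t *req, ipc_reply_t *out)
{
    uint8_t stackbuf[REPLY_BUF_SIZE];

    memset(out, 0, sizeof *out);                 /* no stale bytes can be marshalled back */
    if (req->data == NULL || req->cbSize == 0 || req->cbSize > REPLY_BUF_SIZE)
        return IPC_ERR_BAD_SIZE;                  /* reject before any copy happens */

    memset(stackbuf, 0, sizeof stackbuf);         /* working buffer starts defined */
    memcpy(stackbuf, req->data, req->cbSize);     /* now provably within bounds */
    out->length = req->cbSize;
    memcpy(out->bytes, stackbuf, out->length);
    return IPC_OK;
}

/* Count non-zero bytes in out->bytes beyond the reported length: with the hardened
 * handler this must be 0, i.e. nothing past the validated payload reaches the caller. */
size_t stale_bytes(const ipc_reply_t *out)
{
    size_t n = 0;
    for (size_t i = out->length; i < REPLY_BUF_SIZE; i++)
        n += (out->bytes[i] != 0);
    return n;
}

typedef struct {
    ipc_status_t status;   /* what the hardened handler returned */
    uint32_t     length;   /* bytes the reply claims are valid */
    size_t       stale;    /* non-zero bytes beyond that length (must be 0) */
} probe_result_t;

/* Drive the hardened handler with a constructed request of `cbSize` bytes. The
 * payload is a full-size buffer of 0xA5, so every cbSize up to REPLY_BUF_SIZE is a
 * legitimate read; a cbSize above that is rejected before memcpy ever runs. */
probe_result_t probe_hardened(uint32_t cbSize)
{
    static uint8_t     sample[REPLY_BUF_SIZE];   /* constructed payload, not real IPC data */
    static ipc_reply_t reply;                    /* static: keep the 32 KB reply off the stack */
    probe_result_t r;
    ipc_request_t  req;

    memset(sample, 0xA5, sizeof sample);
    req.cbSize = cbSize;
    req.data   = sample;
    r.status = handle_request_hardened(&req, &reply);
    r.length = reply.length;
    r.stale  = stale_bytes(&reply);
    return r;
}

int main(void)
{
    /* The four cases a reviewer would check: a normal size, the zero size that
     * triggered the leak, the exact buffer size, and one byte past it. */
    uint32_t sizes[] = { 4, 0, REPLY_BUF_SIZE, REPLY_BUF_SIZE + 1 };
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        probe_result_t r = probe_hardened(sizes[i]);
        printf("cbSize=%-6u -> status %d, reported length %u, stale bytes %zu\n",
               sizes[i], (int)r.status, r.length, r.stale);
    }
    return 0;
}
```

The hardened handler zeroes the reply before the length check, so a rejected request (cbSize of 0 or above the buffer) reports length 0 and carries no leftover bytes, and the check runs before any memcpy, so an oversized length can never reach the copy.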

Affected Systems

The affected product is Sandboxie-Plus from the sandboxie-plus vendor. All releases up to and including 1.17.2 are vulnerable when the SbieSvc service is active and the GetRawInputDeviceInfoSlave handler is reachable by sandboxed processes. Exploitation requires Sandboxie-Plus running on Windows and a sandboxed process able to send the IPC request.

Risk and Exploitability

The CVSS score of 8.8 classifies this flaw as High severity. No EPSS data is available, and it is not listed in the CISA KEV catalog, so the publicly known exploitation probability is uncertain, but with no mitigation in place on most hosts the threat is realistic. The attack is local: an attacker must already control a sandboxed user process and must trigger the vulnerable IPC call. The information-leak stage bypasses ASLR and /GS, and the subsequent stack buffer overflow enables arbitrary code execution through a ROP chain.

Generated by OpenCVE AI on May 5, 2026 at 21:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Sandboxie-Plus to version 1.17.3 or later, which fixes the uninitialized-memory leak and adds bounds checking in GetRawInputDeviceInfoSlave.
  • If an upgrade is not immediately possible, isolate sandboxed processes in a hardened environment and restrict IPC access to GetRawInputDeviceInfoSlave to prevent exploitation of the vulnerable handler.
  • Enable hardware-enforced stack protection such as Intel CET shadow stacks to block the ROP chain; note that this does not close the information-leak vector.

Advisories

No advisories yet.

History

Tue, 05 May 2026 21:45:00 +0000

First Time appeared (removed: none; added): Sandboxie-plus, Sandboxie-plus sandboxie
Vendors & Products (removed: none; added): Sandboxie-plus, Sandboxie-plus sandboxie

Tue, 05 May 2026 20:00:00 +0000

Description (removed: none; added): Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request with cbSize set to 0, up to 32KB of uninitialized stack memory from the service process is returned, leaking return addresses and stack cookies which bypass ASLR and /GS protections. Second, the handler performs a memcpy with an attacker-controlled length without verifying it fits within the 32KB stack buffer, enabling a stack buffer overflow. By chaining the information leak with the overflow, a sandboxed process can execute a ROP chain to achieve SYSTEM privilege escalation, even from a Security Hardened Sandbox. Hardware-enforced shadow stacks (Intel CET) prevent the ROP chain execution but do not mitigate the information leak. This issue has been fixed in version 1.17.3.
Title (removed: none; added): Sandboxie-Plus sandbox escape via uninitialized memory leak and stack overflow in GetRawInputDeviceInfoSlave
Weaknesses (removed: none; added): CWE-121
References (removed: none; added): none listed
Metrics (removed: none; added): cvssV4_0 {'score': 8.8, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-05T19:27:31.552Z

Reserved: 2026-03-27T18:18:14.896Z

Link: CVE-2026-34459

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-05T20:16:37.317

Modified: 2026-05-05T20:16:37.317

Link: CVE-2026-34459

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-05T21:30:05Z

Weaknesses