Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2026-45313

CVE-2026-45313: Sandboxie-Plus RCE Vulnerability

CVE-2026-45313 is a remote code execution flaw in Sandboxie-Plus that allows sandboxed processes to execute arbitrary code in unsandboxed host processes. This post explains its impact, affected versions, and mitigation steps.

Published:

CVE-2026-45313 Overview

CVE-2026-45313 is a sandbox escape vulnerability in Sandboxie-Plus, an open source sandbox-based isolation product for Windows. The flaw exists in the GuiServer::WndHookRegisterSlave function within Sandboxie/core/svc/GuiServer.cpp. Sandboxie-Plus stores attacker-supplied hthread and hproc fields from a GUI_WND_HOOK_REGISTER request without validating that the thread belongs to the sandboxed process or that the function pointer resides in the caller address space. A sandboxed process can abuse this to execute arbitrary code inside an unsandboxed host process running as SYSTEM. The maintainers fixed the issue in version 1.17.6.

Critical Impact

A sandboxed process can escape isolation and execute arbitrary code as SYSTEM in an unsandboxed host process, breaking the primary security boundary the product provides.

Affected Products

  • Sandboxie-Plus versions prior to 1.17.6
  • Sandboxie-Plus core service component (GuiServer.cpp)
  • Windows systems running vulnerable Sandboxie-Plus builds

Discovery Timeline

  • 2026-07-15 - CVE-2026-45313 published to the National Vulnerability Database
  • 2026-07-16 - Last updated in NVD database

Technical Details for CVE-2026-45313

Vulnerability Analysis

The vulnerability categorizes as [CWE-284] Improper Access Control leading to a sandbox escape and local privilege escalation. Sandboxie-Plus uses a privileged service to broker GUI-related operations for sandboxed processes. The GuiServer::WndHookRegisterSlave handler accepts a GUI_WND_HOOK_REGISTER request from a client and records the caller-provided hthread (thread handle) and hproc (function pointer) values without validation.

When GuiServer::WndHookNotifySlave later processes the registered hook, it invokes OpenThread(THREAD_SET_CONTEXT, FALSE, whk->hthread) to obtain a thread handle, then calls QueueUserAPC((PAPCFUNC)whk->hproc, hThread, (ULONG_PTR)req->threadid). Because these calls execute in the context of the SbieSvc service running as SYSTEM, the attacker-supplied function pointer runs at SYSTEM privilege inside a host process outside the sandbox.

Root Cause

The root cause is missing validation of cross-process trust boundaries. The handler does not verify that the supplied thread ID belongs to the sandboxed caller, nor that the function pointer references executable memory in the caller's address space. Both hthread and hproc are treated as trusted input despite originating from a sandboxed, untrusted client.

Attack Vector

A process confined by Sandboxie-Plus crafts a GUI_WND_HOOK_REGISTER request that specifies a target thread ID belonging to an unsandboxed process and a hproc value pointing to attacker-controlled shellcode or a LoadLibrary-style gadget. Triggering the notification path causes the privileged service to queue a user-mode APC into that foreign thread. When the target thread enters an alertable wait, the attacker's routine executes as SYSTEM outside the sandbox, defeating the isolation guarantee.

Detection Methods for CVE-2026-45313

Indicators of Compromise

  • Unexpected APCs queued into host processes originating from SbieSvc.exe after receiving traffic from sandboxed clients
  • Child processes or module loads in unsandboxed processes that were initiated indirectly through the Sandboxie service
  • Sandboxie-Plus installations reporting versions earlier than 1.17.6 in enterprise inventory scans

Detection Strategies

  • Monitor for SbieSvc.exe interacting with threads in processes that are not registered sandbox members
  • Alert on code execution in host processes where the parent activity chain traces back to a sandboxed process
  • Track calls to OpenThread with THREAD_SET_CONTEXT followed by QueueUserAPC originating from the Sandboxie service against non-sandbox targets

Monitoring Recommendations

  • Inventory all endpoints for Sandboxie-Plus versions and flag any build below 1.17.6
  • Enable process creation and image load telemetry on hosts running Sandboxie-Plus
  • Correlate sandbox escape indicators with subsequent SYSTEM-level activity such as service creation, credential access, or persistence

How to Mitigate CVE-2026-45313

Immediate Actions Required

  • Upgrade Sandboxie-Plus to version 1.17.6 or later on all endpoints
  • Restrict which users can launch sandboxed processes on shared or multi-user systems until patching is complete
  • Audit sandbox configurations to ensure untrusted workloads are not running under vulnerable builds

Patch Information

The issue is fixed in Sandboxie-Plus 1.17.6. Refer to the GitHub Release v1.17.6 notes and the GitHub Security Advisory GHSA-rmv3-fhg3-75xh for the fix that adds validation of the supplied thread ownership and function pointer address space before invoking OpenThread and QueueUserAPC.

Workarounds

  • No official workaround exists; upgrading to 1.17.6 is the supported remediation
  • Stop the SbieSvc service and avoid running untrusted code under Sandboxie-Plus until the update is applied
  • Limit sandboxed process execution to non-privileged interactive sessions to reduce exposure of high-value host processes
bash
# Verify installed Sandboxie-Plus version on Windows (PowerShell)
Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*" |
  Where-Object { $_.DisplayName -like "Sandboxie-Plus*" } |
  Select-Object DisplayName, DisplayVersion

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.