CVE-2023-32178 in Antivirus Plusinformation

Résumé

par MITRE • 03/05/2024

VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the TelFileTransfer method. By creating a symbolic link, an attacker can abuse the method to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. . Was ZDI-CAN-19396.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Réserver

03/05/2023

Divulgation

03/05/2024

Modérer

accepté

Entrée

VDB-230452

CPE

prêt

EPSS

0.00517

KEV

non

Activités

très faible

Sources

Do you know our Splunk app?

Download it now for free!