Описание
MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions (Everyone:Full Control) for their installation directory trees, which allows local users to gain privileges by replacing application files, as demonstrated by traysser.exe.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microworld_technologies:escan_anti-virus:9.0.722.1:*:*:*:*:*:*:*
cpe:2.3:a:microworld_technologies:escan_internet_security:9.0.722.1:*:*:*:*:*:*:*
cpe:2.3:a:microworld_technologies:escan_virus_control:9.0.722.1:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00332
Низкий
7.2 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions (Everyone:Full Control) for their installation directory trees, which allows local users to gain privileges by replacing application files, as demonstrated by traysser.exe.
EPSS
Процентиль: 56%
0.00332
Низкий
7.2 High
CVSS2
Дефекты
CWE-264