Описание
An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.10.0 (включая)
cpe:2.3:a:trellix:move:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 9%
0.00034
Низкий
4.4 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-428
CWE-428
Связанные уязвимости
CVSS3: 4.4
github
больше 2 лет назад
An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.
EPSS
Процентиль: 9%
0.00034
Низкий
4.4 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-428
CWE-428