Описание
An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation (LPE) vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit any registry key, leading to a full compromise as SYSTEM.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:k7computing:k7_ultimate_security:17.0.2045:*:*:*:*:*:*:*
EPSS
Процентиль: 3%
0.00017
Низкий
7.7 High
CVSS3
Дефекты
CWE-269
Связанные уязвимости
CVSS3: 7.7
github
около 2 месяцев назад
An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation (LPE) vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit any registry key, leading to a full compromise as SYSTEM.
EPSS
Процентиль: 3%
0.00017
Низкий
7.7 High
CVSS3
Дефекты
CWE-269