Name of the Vulnerable Software and Affected Versions Antivirus Kaspersky 8.0 for Linux File Servers

Description The issue is related to insecure privilege management in the web console of Antivirus Kaspersky 8.0 for Linux File Servers. An attacker with non-privileged user rights, specifically the kluser account, can exploit this to execute code with privileged root user rights. This is achieved by utilizing the cron utility and creating a new file with root privileges during the restoration of a file from quarantine.

Recommendations For Antivirus Kaspersky 8.0 for Linux File Servers, consider restricting access to the cron utility and the file restoration feature from quarantine to minimize the risk of exploitation until a patch is available. Additionally, monitor system logs for suspicious activity related to the creation of new files with root privileges. At the moment, there is no information about a newer version that contains a fix for this vulnerability.