CVE-2018-6201

Name of the Vulnerable Software and Affected Versions eScan Antivirus version 14.0.1400.2029

Description The issue in eScan Antivirus arises from the driver file econceal.sys, which fails to validate input values from IOCtl 0x830020E0 or 0x830020E4. This can allow local users to cause a denial of service, resulting in a Blue Screen of Death (BSOD), or potentially have other unspecified impacts.

Recommendations For eScan Antivirus version 14.0.1400.2029, consider disabling the econceal.sys driver as a temporary workaround until a patch is available. Restrict access to IOCtl 0x830020E0 and 0x830020E4 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.