PT-2018-17657 · Malwarefox · Malwarefox Antimalware

Souhail Hammou

Publicado

2018-02-03

Atualizado

2019-10-03

CVE-2018-6593

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MalwareFox AntiMalware version 2.74.0.150

Description An issue was discovered that allows improper access control due to a vulnerability in the zam32.sys and zam64.sys drivers. A non-privileged process can exploit this by connecting to the filter communication port and then using IOCTL 0x8000204C to elevate privileges.

Recommendations For MalwareFox AntiMalware version 2.74.0.150, consider restricting access to the zam32.sys and zam64.sys drivers as a temporary workaround until a patch is available. Avoid using IOCTL 0x8000204C in the .ZemanaAntiMalware endpoint until the issue is resolved.

Exploit

Correção

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732

Identificadores relacionados

CVE-2018-6593

Produtos afetados

Malwarefox Antimalware

PT-2018-17657 · Malwarefox · Malwarefox Antimalware

CVE-2018-6593

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4