CVE-2018-7535

Name of the Vulnerable Software and Affected Versions TotalAV version 4.1.7

Description An issue was discovered that allows an unprivileged user to modify or overwrite all of the product's files due to weak permissions under %PROGRAMFILES%. This weakness enables local users to gain privileges or obtain maximum control over the product.

Recommendations For TotalAV version 4.1.7, consider restricting access to the product's files under %PROGRAMFILES% to prevent local users from modifying or overwriting them, until a fix is available.