PT-2019-13289 · Total Defense · Total Defense Anti-Virus

Publicado

2019-09-24

Atualizado

2019-09-24

CVE-2019-13357

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Total Defense Anti-virus version 9.0.0.773

Description The issue allows local attackers to achieve SYSTEM-level code execution by hijacking the ccGUIFrm.dll when the caschelp.exe executable, which uses the untrusted search path C:, is run by the ccSchedulerSVC service.

Recommendations For Total Defense Anti-virus version 9.0.0.773, consider restricting access to the ccGUIFrm.dll until a patch is available to prevent code execution. Additionally, ensure the ccSchedulerSVC service is properly configured to minimize the risk of exploitation.

Exploit

Correção

Untrusted Search Path

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-426

Identificadores relacionados

CVE-2019-13357

Produtos afetados

Total Defense Anti-Virus

PT-2019-13289 · Total Defense · Total Defense Anti-Virus

CVE-2019-13357

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4