CVE-2019-16913

Name of the Vulnerable Software and Affected Versions PC Protect Antivirus version 4.14.31

Description The issue concerns weak folder permissions in the default installation directory of PC Protect Antivirus, allowing any user to modify the contents of the directory and its subfolders. Additionally, the program installs a service called SecurityService that runs as LocalSystem, which can be exploited to escalate privileges to NT AUTHORITYSYSTEM by substituting the service's binary with a malicious file.

Recommendations For PC Protect Antivirus version 4.14.31, consider restricting access to the installation directory and its subfolders to prevent unauthorized modifications. As a temporary workaround, restrict access to the SecurityService to minimize the risk of privilege escalation.