PT-2019-18682 · Emsisoft · Emsisoft Anti-Malware

Publicado

2019-02-08

Atualizado

2020-08-24

CVE-2019-7651

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Emsisoft Anti-Malware versions prior to 2018.12

Description The issue allows an attacker to bypass ACLs due to the lack of FILE DEVICE SECURE OPEN in Interpreted Device Characteristics. This leads to improper protection of files and directories within the .EPP device, resulting in unintended impersonation or object creation.

Recommendations For versions prior to 2018.12, update to version 2018.12 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2019-7651

Produtos afetados

Emsisoft Anti-Malware

PT-2019-18682 · Emsisoft · Emsisoft Anti-Malware

CVE-2019-7651

Identificadores relacionados

Produtos afetados

Referências · 6