PT-2023-29005 · Microworld · Microword Escan Antivirus

Dmknght

Publicado

2023-08-16

Atualizado

2024-05-17

CVE-2023-4383

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MicroWorld eScan Anti-Virus version 7.0.32

Description A critical vulnerability was found in MicroWorld eScan Anti-Virus on Linux, affecting an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732CWE-279

Identificadores relacionados

CVE-2023-4383

Produtos afetados

Microword Escan Antivirus

PT-2023-29005 · Microworld · Microword Escan Antivirus

CVE-2023-4383

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10