PT-2026-3159 · Totalav · Totalav
Andrea Intilangelo
·
Publicado
2026-01-15
·
Atualizado
2026-02-09
·
CVE-2021-47787
CVSS v4.0
8.5
Alta
| Vetor | AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
TotalAV version 5.15.69
Description
TotalAV version 5.15.69 contains an unquoted service path issue in multiple system services running with LocalSystem privileges. An attacker can place malicious executables in specific unquoted path segments, potentially gaining SYSTEM-level access by exploiting the service path configuration.
Recommendations
Ensure service paths are properly quoted to prevent the placement of malicious executables.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Totalav