Nero22K

**Name of the Vulnerable Software and Affected Versions** QuickHeal Antivirus Pro version v24.0 Quick Heal Total Security version v24.0 **Description** An issue in the wssrvc.exe service allows authenticated attackers to escalate privileges. **Recommendations** For QuickHeal Antivirus Pro version v24.0, consider disabling the wssrvc.exe service until a patch is available. For Quick Heal Total Security version v24.0, consider disabling the wssrvc.exe service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QuickHeal Antivirus Pro versions 24.1.0.182 and earlier **Description** The issue is related to incorrect access control, allowing authenticated attackers with low-level privileges to arbitrarily modify antivirus settings. This flaw enables privilege escalation through improper access control. **Recommendations** For QuickHeal Antivirus Pro versions 24.1.0.182 and earlier, update to a version that addresses the access control issue to prevent arbitrary modification of antivirus settings. At the moment, there is no information about a newer version that contains a fix for this vulnerability.