PT-2018-6512 · K7 · K7Antivirus Premium
Published
2018-01-16
·
Updated
2019-10-03
·
CVE-2017-17429
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
K7 Antivirus Premium versions prior to 15.1.0.53
Description:
The issue concerns insufficient authentication of user-controlled input to the K7Sentry device, allowing a local user with a LOW integrity process to access a raw hard disk by sending a specific IOCTL.
Recommendations:
For versions prior to 15.1.0.53, update to version 15.1.0.53 or later to resolve the issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
K7Antivirus Premium