PT-2019-13289 · Total Defense · Total Defense Anti-Virus

Published: 2019-09-24 · Updated: 2019-09-24 · CVE-2019-13357

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Total Defense Anti-virus version 9.0.0.773

Description: The issue allows local attackers to achieve SYSTEM-level code execution by hijacking the ccGUIFrm.dll when the caschelp.exe executable, which uses the untrusted search path C:, is run by the ccSchedulerSVC service.

Recommendations: For Total Defense Anti-virus version 9.0.0.773, consider restricting access to the ccGUIFrm.dll until a patch is available to prevent code execution. Additionally, ensure the ccSchedulerSVC service is properly configured to minimize the risk of exploitation.

Exploit

Fix

Untrusted Search Path

Weakness Enumeration

Related Identifiers

CVE-2019-13357

Affected Products

Total Defense Anti-Virus