CVE-2019-16897

Name of the Vulnerable Software and Affected Versions K7 Antivirus Premium versions 16.0.xxx through 16.0.0120 K7 Total Security versions 16.0.xxx through 16.0.0120 K7 Ultimate Security versions 16.0.xxx through 16.0.0120

Description The issue is related to the improper validation of administrative privileges by the K7TSHlpr.dll module in K7 security products, allowing for arbitrary registry writes in the K7AVOptn.dll module. This can facilitate escalation of privileges via inter-process communication with a service process. The vulnerability may be exploited by a remote attacker to elevate their privileges.

Recommendations For K7 Antivirus Premium versions 16.0.xxx through 16.0.0120, consider disabling the K7TSHlpr.dll module as a temporary workaround until a patch is available. For K7 Total Security versions 16.0.xxx through 16.0.0120, restrict access to the K7AVOptn.dll module to minimize the risk of exploitation. For K7 Ultimate Security versions 16.0.xxx through 16.0.0120, avoid using the K7TSHlpr.dll module in inter-process communication until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.