CVE-2022-31466

Name of the Vulnerable Software and Affected Versions Quick Heal Total Security versions prior to 12.1.1.27

Description A Time of Check - Time of Use (TOCTOU) issue allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved by exploiting the time between detecting a file as malicious and when the action of quarantining or cleaning is performed, and using the time to replace the malicious file with a symlink. The vulnerability may follow a symlink that was created after a malware check.

Recommendations For versions prior to 12.1.1.27, update to version 12.1.1.27 or later to resolve the issue. As a temporary workaround, consider restricting access to system files to minimize the risk of exploitation. Avoid using the symlink feature in the affected software until the issue is resolved.