PT-2024-33074 · Quick Heal · Quick Heal Antivirus Pro+1

Nero22K

Published

2024-11-18

Updated

2024-11-19

CVE-2024-48292

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions QuickHeal Antivirus Pro version v24.0 Quick Heal Total Security version v24.0

Description An issue in the wssrvc.exe service allows authenticated attackers to escalate privileges.

Recommendations For QuickHeal Antivirus Pro version v24.0, consider disabling the wssrvc.exe service until a patch is available. For Quick Heal Total Security version v24.0, consider disabling the wssrvc.exe service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2024-48292

Affected Products

Quick Heal Total Security

Quick Heal Antivirus Pro

PT-2024-33074 · Quick Heal · Quick Heal Antivirus Pro+1

CVE-2024-48292

Weakness Enumeration

Related Identifiers

Affected Products

References · 6