CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-13356

HIGH
7.8
CVSS Severity Score
EPSS Score0.0370%
EPSS Percentile12.12th
Published2019年9月24日
Last Modified2024年11月21日

Vulnerability Description

In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\bd\TDUpdate2\ used by AMRT.exe allows local attackers to hijack bdcore.dll, which leads to privilege escalation when the AMRT service loads the DLL.

Affected Platforms (CPE)

📦
Totaldefense

Anti Virus

= 9.0.0.773

References & Advisories

🔗 https://github.com/NtRaiseHardError/Antimalware-Research/tree/master/Total%20Defense/Local%20Privilege%20Escalation/v9.0.0.773
🔗 https://www.totaldefense.com/security-blog
🔗 https://github.com/NtRaiseHardError/Antimalware-Research/tree/master/Total%20Defense/Local%20Privilege%20Escalation/v9.0.0.773
🔗 https://www.totaldefense.com/security-blog

相關漏洞威脅

CVE-2006-594010.0

Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors related to "Intege...

CVE-2006-593810.0

Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a craft...

CVE-2005-305710.0

The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers ...

CVE-2006-640910.0

F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and ...