Risk | Low |
Patch available | NO |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2023-32175 CVE-2023-32177 CVE-2023-32176 |
CWE-ID | CWE-59 CWE-22 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software |
Antivirus Plus Client/Desktop applications / Antivirus software/Personal firewalls |
Vendor | Vipre |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU76842
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-32175
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a link following issue within the Anti Malware Service. A local user can create a symbolic link to escalate privileges and execute arbitrary code in the context of SYSTEM.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAntivirus Plus: All versions
CPE2.3 External linkshttp://www.zerodayinitiative.com/advisories/ZDI-23-755/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU76848
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a link following issue within the FPQuarTransfer method. A local user can create a symbolic link to delete arbitrary files, escalate privileges and execute arbitrary code in the context of SYSTEM.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAntivirus Plus: All versions
CPE2.3 External linkshttp://www.zerodayinitiative.com/advisories/ZDI-23-759/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU76845
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a link following issue within the TelFileTransfer method. A local user can create a symbolic link to delete arbitrary files, escalate privileges and execute arbitrary code in the context of SYSTEM.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAntivirus Plus: All versions
CPE2.3 External linkshttp://www.zerodayinitiative.com/advisories/ZDI-23-758/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU76844
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-32177
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences within the DeleteHistoryFile method. A local user can send a specially crafted HTTP request to escalate privileges and execute arbitrary code in the context of SYSTEM.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAntivirus Plus: All versions
CPE2.3 External linkshttp://www.zerodayinitiative.com/advisories/ZDI-23-757/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU76843
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-32176
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences within the SetPrivateConfig method. A local user can send a specially crafted HTTP request to escalate privileges and execute arbitrary code in the context of SYSTEM.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAntivirus Plus: All versions
CPE2.3 External linkshttp://www.zerodayinitiative.com/advisories/ZDI-23-756/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.