Buffer overflow in Internet Security and Kingsoft Antivirus - #VU47733
Published: October 20, 2020
Vulnerability identifier: #VU47733
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Internet Security
Kingsoft Antivirus
Internet Security
Kingsoft Antivirus
Software vendor:
Kingsoft Corp.
Kingsoft Corp.
Description
The vulnerability allows a local user to escalate privileges on the target system.
The vulnerability exists due to a boundary error when processing IOCTL 0x80030004 or 0x80030008 by the KWatch3.sys (internet security) kernel driver. A local user can trigger memory corruption and execute arbitrary code on the target system with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.