CVE-2019-25269

Amiti Antivirus 25.0.640 - Unquoted Service Path Vulnerability

CVSS 8.5 HIGHEPSS 0.3%CWE-428

Amiti Antivirus 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges by placing executable files in specific directory locations.

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Produtos afetados

Netgate · Amiti Antivirus

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.exploit-db.com/exploits/47747 https://www.vulncheck.com/advisories/amiti-antivirus-unquoted-service-path-vulnerability http://www.netgate.sk/