← voltar
CVE-2021-47787

TotalAV 5.15.69 - Unquoted Service Path

CVSS 8.5 HIGHEPSS 0.2%CWE-428
TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Totalav · TotalAV

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.exploit-db.com/exploits/50314https://www.totalav.comhttps://www.vulncheck.com/advisories/totalav-unquoted-service-path