ГлавнаяУязвимости → CVE-2021-47787
7.8высокая

CVE-2021-47787

Описание

TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration.

Затрагиваемое ПО
Totalav Totalav
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.exploit-db.com/exploits/50314https://www.totalav.comhttps://www.vulncheck.com/advisories/totalav-unquoted-service-pathhttps://www.exploit-db.com/exploits/50314