VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the Anti Malware Service. The issue results from incorrect permissions on a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22345.
References
Link | Resource |
---|---|
https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227 | Release Notes |
https://www.zerodayinitiative.com/advisories/ZDI-24-819/ | Third Party Advisory |
Configurations
History
23 Aug 2024, 16:48
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:vipre:advanced_security:12.0.1.214:*:*:*:*:*:*:* | |
First Time |
Vipre
Vipre advanced Security |
|
References | () https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227 - Release Notes | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-24-819/ - Third Party Advisory | |
Summary |
|
21 Aug 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-21 17:15
Updated : 2024-08-23 16:48
NVD link : CVE-2024-5930
Mitre link : CVE-2024-5930
CVE.ORG link : CVE-2024-5930
JSON object : View
Products Affected
vipre
- advanced_security
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource