In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll module to facilitate escalation of privileges via inter-process communication with a service process.
References
Link | Resource |
---|---|
https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/K7%20Security/Local%20Privilege%20Escalation/v16.0.0120/README.md | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-28T14:54:32
Updated: 2019-10-28T14:54:32
Reserved: 2019-09-25T00:00:00
Link: CVE-2019-16897
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-10-28T15:15:14.020
Modified: 2019-10-31T02:36:20.233
Link: CVE-2019-16897
JSON object: View
Redhat Information
No data.
CWE