CVE-2019-13357

Sažetak

In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local attackers to hijack ccGUIFrm.dll, which leads to code execution. SYSTEM-level code execution can be achieved when the ccSchedulerSVC service runs the affected executable.

Reference

https://github.com/NtRaiseHardError/Antimalware-Research/tree/master/Total%20Defense/DLL%20Hijacking/v9.0.0.773
https://www.totaldefense.com/security-blog

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

24-09-2019 - 16:41

Objavljeno

24-09-2019 - 15:15