CVE-2026-3796

Sažetak

A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIO_Imp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Reference

https://github.com/cwjchoi01/FocusKiller
https://github.com/cwjchoi01/FocusKiller/tree/main/FocusKiller
https://vuldb.com/?ctiid.349763
https://vuldb.com/?id.349763
https://vuldb.com/?submit.758991

CVSS

Base:	4.3
Impact:	6.4
Exploitability:	3.1

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

10-03-2026 - 18:48

Objavljeno

09-03-2026 - 04:15