Lucene search

[email protected]CVE-2020-15401

HistoryJun 30, 2020 - 12:15 p.m.

CVE-2020-15401

2020-06-3012:15:12

CWE-59

[email protected]

web.nvd.nist.gov

cve-2020-15401

iobit malware fighter pro

privilege escalation

ntfs junction

file deletion

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

4.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privileges for file deletion by manipulating malicious flagged file locations with an NTFS junction and an Object Manager symbolic link.

Affected configurations

NVD

Node

iobitmalware_fighterMatch8.0.2.547pro

CPENameOperatorVersion
iobit:malware_fighteriobit malware fightereq8.0.2.547

CPE	Name	Operator	Version
iobit:malware_fighter	iobit malware fighter	eq	8.0.2.547

References

daniels-it-blog.blogspot.com/2020/06/when-your-anti-virus-turns-against-you.html

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

4.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2020-15401

prion1 nvd1 cvelist1