Lucene search

[email protected]CVE-2020-24955

HistorySep 01, 2020 - 10:15 p.m.

CVE-2020-24955

2020-09-0122:15:10

CWE-59

[email protected]

web.nvd.nist.gov

cve-2020-24955

superantisyware

local privilege escalation

dll

quarantine

ntfs

directory junction

ualapi.dll

malware

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

SUPERAntiSyware Professional X Trial 10.0.1206 is vulnerable to local privilege escalation because it allows unprivileged users to restore a malicious DLL from quarantine into the system32 folder via an NTFS directory junction, as demonstrated by a crafted ualapi.dll file that is detected as malware.

Affected configurations

NVD

Node

superantispywareprofessional_xRange<10.0.1206trial

CPENameOperatorVersion
superantispyware:professional_xsuperantispyware professional xlt10.0.1206

CPE	Name	Operator	Version
superantispyware:professional_x	superantispyware professional x	lt	10.0.1206

References

github.com/b1nary0x1

www.youtube.com/watch?v=jdcqbev-H5I

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2020-24955

cvelist1 nvd1 githubexploit1 prion1