Lucene search

[email protected]CVE-2020-9362

HistoryFeb 24, 2020 - 4:15 p.m.

CVE-2020-9362

2020-02-2416:15:13

CWE-436

[email protected]

web.nvd.nist.gov

quick heal

antivirus

cve-2020-9362

virus

security flaw

bypass mitigation

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

49.6%

JSON

The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android.

Affected configurations

NVD

Node

quickhealantivirus_for_serverMatch2019-11

quickhealantivirus_proMatch2019-11

quickhealhome_securityMatch2019-11

quickhealinternet_securityMatch2019-11

quickhealtotal_securityMatch2019-11-

quickhealtotal_securityMatch2019-11android

quickhealtotal_securityMatch2019-11mac_os

quickhealtotal_security_multi-deviceMatch2019-11

CPENameOperatorVersion
quickheal:antivirus_for_serverquickheal antivirus for servereq2019-11
quickheal:antivirus_proquickheal antivirus proeq2019-11
quickheal:home_securityquickheal home securityeq2019-11
quickheal:internet_securityquickheal internet securityeq2019-11
quickheal:total_securityquickheal total securityeq2019-11
quickheal:total_security_multi-devicequickheal total security multi-deviceeq2019-11

CPE	Name	Operator	Version
quickheal:antivirus_for_server	quickheal antivirus for server	eq	2019-11
quickheal:antivirus_pro	quickheal antivirus pro	eq	2019-11
quickheal:home_security	quickheal home security	eq	2019-11
quickheal:internet_security	quickheal internet security	eq	2019-11
quickheal:total_security	quickheal total security	eq	2019-11
quickheal:total_security_multi-device	quickheal total security multi-device	eq	2019-11

References

packetstormsecurity.com/files/156580/QuickHeal-Generic-Malformed-Archive-Bypass.html

seclists.org/fulldisclosure/2020/Mar/14

blog.zoller.lu/p/from-low-hanging-fruit-department_24.html

blog.zoller.lu/p/tzo-20-2020-quickheal-malformed-archive.html

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

49.6%

JSON

Related for CVE-2020-9362

cvelist1 prion1 nvd1