Lucene search

[email protected]CVE-2021-31727

HistoryMay 17, 2021 - 1:15 p.m.

CVE-2021-31727

2021-05-1713:15:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2021-31727

access control

malwarefox

antimalware

ioctl

privilege escalation

vulnerability

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.3%

JSON

Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 where IOCTL’s 0x80002014, 0x80002018 expose unrestricted disk read/write capabilities respectively. A non-privileged process can open a handle to .\ZemanaAntiMalware, register with the driver using IOCTL 0x80002010 and send these IOCTL’s to escalate privileges by overwriting the boot sector or overwriting critical code in the pagefile.

CPENameOperatorVersion
malwarefox:antimalwaremalwarefox antimalwareeq2.74.0.150

CPE	Name	Operator	Version
malwarefox:antimalware	malwarefox antimalware	eq	2.74.0.150

References

github.com/irql0/CVE-2021-31728/blob/master/CVE-2021-31727.md

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.3%

JSON

Related for CVE-2021-31727

cvelist1 prion1 githubexploit1