Lucene search

[email protected]CVE-2023-3438

HistoryJul 03, 2023 - 8:15 a.m.

CVE-2023-3438

2023-07-0308:15:09

CWE-428

[email protected]

web.nvd.nist.gov

cve-2023-3438

windows search path vulnerability

move

privilege escalation

antimalware services

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe).
The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.

Affected configurations

NVD

Node

trellixmoveRange≤4.10.0windows

CPENameOperatorVersion
trellix:movetrellix movele4.10.0

CPE	Name	Operator	Version
trellix:move	trellix move	le	4.10.0

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "Trellix Move",
    "vendor": "Trellix",
    "versions": [
      {
        "status": "affected",
        "version": "4.10.0"
      }
    ]
  }
]

References

kcm.trellix.com/corporate/index?page=content&id=SB10404

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-3438

nvd1 prion1 cvelist1 openvas1