CVE-2024-20506

2024-09-0422:15:04

CWE-754

cisco

web.nvd.nist.gov

clam antivirus

vulnerability

local attacker

critical system files

log file

symbolic link

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

EPSS

Percentile

9.6%

JSON

A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files.

The vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart.

Affected configurations

Nvd

Vulners

Node

clamavclamavRange<0.103.12

clamavclamavRange0.104.0–1.0.7

clamavclamavRange1.2.0–1.3.2

clamavclamavMatch1.4.0

VendorProductVersionCPE
clamavclamav*cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*
clamavclamav1.4.0cpe:2.3:a:clamav:clamav:1.4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
clamav	clamav	*	cpe:2.3:a:clamav:clamav::::::::
clamav	clamav	1.4.0	cpe:2.3:a:clamav:clamav:1.4.0:::::::*

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "ClamAV",
    "versions": [
      {
        "status": "affected",
        "version": "1.4.0"
      },
      {
        "status": "affected",
        "version": "1.3.2"
      },
      {
        "status": "affected",
        "version": "1.0.6"
      },
      {
        "status": "affected",
        "version": "1.0.5"
      },
      {
        "status": "affected",
        "version": "1.0.4"
      },
      {
        "status": "affected",
        "version": "1.0.3"
      },
      {
        "status": "affected",
        "version": "1.0.2"
      },
      {
        "status": "affected",
        "version": "1.0.1"
      },
      {
        "status": "affected",
        "version": "1.0.0"
      },
      {
        "status": "affected",
        "version": "1.2.x"
      },
      {
        "status": "affected",
        "version": "0.105.x"
      },
      {
        "status": "affected",
        "version": "0.104.x"
      },
      {
        "status": "affected",
        "version": "0.103.11"
      },
      {
        "status": "affected",
        "version": "0.103.10"
      },
      {
        "status": "affected",
        "version": "0.103.9"
      },
      {
        "status": "affected",
        "version": "0.103.8"
      },
      {
        "status": "affected",
        "version": "0.103.7"
      },
      {
        "status": "affected",
        "version": "0.103.6"
      },
      {
        "status": "affected",
        "version": "0.103.5"
      },
      {
        "status": "affected",
        "version": "0.103.4"
      },
      {
        "status": "affected",
        "version": "0.103.3"
      },
      {
        "status": "affected",
        "version": "0.103.2"
      },
      {
        "status": "affected",
        "version": "0.103.1"
      },
      {
        "status": "affected",
        "version": "0.103.0"
      }
    ],
    "defaultStatus": "unknown"
  }
]