Hardcoded credentials

2018-01-1619:29:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL.

CPENameOperatorVersion
antiviruslt15.1.0.53
antiviruslt15.1.0308
endpointlt14.2.0137
internet_securitylt15.1.0297
total_securitylt15.1.0324
total_securitylt16.0.0131
ultimate_securitylt15.1.0324

Name	Operator	Version
antivirus	lt	15.1.0.53
antivirus	lt	15.1.0308
endpoint	lt	14.2.0137
internet_security	lt	15.1.0297
total_security	lt	15.1.0324
total_security	lt	16.0.0131
ultimate_security	lt	15.1.0324