Design/Logic Flaw

2020-03-1821:15:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

JSON

Adaware antivirus 12.6.1005.11662 and 12.7.1055.0 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder.

CPENameOperatorVersion
adaware_antivirusge12.6.1005.11662
adaware_antivirusle12.7.1055.0

CPE	Name	Operator	Version
	adaware_antivirus	ge	12.6.1005.11662
	adaware_antivirus	le	12.7.1055.0

References

medium.com/@kusolwatcharaapanukorn/0-days-adaware-antivirus-quarantine-flaws-allow-privilege-escalation-3d1f3c8214ec