K7 Antivirus Premium Information Disclosure Vulnerability

K7 Antivirus Premium is a suite of anti-virus software from K7 Computing India. A security vulnerability exists in versions of K7 Antivirus Premium prior to 15.1.0.53, which stems from a failure to adequately authenticate user input sent to the K7Sentry device. A local attacker could exploit the...

CVE-2017-17429

In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL...

Hardcoded credentials

In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL...

K7 Total Security Device Driver Arbitrary Memory Read

Vulnerability Summary The following advisory describes an Crash found in K7 Total Security. Credit An independent security researcher, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program Vendor response K7 has released patches to address this vulnerability –...