CVE-2019-16896

CVE-2019-16896 affects K7 Ultimate Security 16.0.0117. The backup module K7BKCExt.dll improperly validates administrative privileges, enabling a local, user‑privilege bypass that allows an arbitrary file write via a symbolic link attack with file restoration functionality. Documented impact acros...

CVE-2024-36424

CVE-2024-36424 affects K7 Ultimate Security prior to version 17.0.2019, via the driver file K7RKScan.sys . The vulnerability is a NULL pointer dereference that, when triggered through IOCTLs 0x222010/0x222014, allows a local attacker to cause a denial of service (BSOD). Impact is a system crash; ...

CVE-2019-16897

CVE-2019-16897 affects K7 Antivirus Premium/Total Security/Ultimate Security (16.0.xxx up to 16.0.0120). The issue stems from the module K7TSHlpr.dll improperly validating the user’s administrative privileges, enabling arbitrary registry writes in the K7AVOptn.dll module and facilitating privileg...

CVE-2025-67826

The CVE-2025-67826 entry concerns K7 Ultimate Security 17.0.2045, where a Local Privilege Escalation exists in the antivirus. The underlying issue is insecure access to a named pipe that allows a local unprivileged user to edit any registry key, enabling a full SYSTEM compromise. This is a local,...