4 matches found
CVE-2021-31728
CVE-2021-31728 affects MalwareFox AntiMalware 2.74.0.150, with vulnerable drivers zam64.sys and zam32.sys. A non-privileged process can obtain a handle to \.\ZemanaAntiMalware, register via IOCTL 0x80002010, allocate executable memory via IOCTL 0x80002040, install a hook with IOCTL 0x80002044, an...
CVE-2021-31727
MalwareFox AntiMalware 2.74.0.150 is affected by CVEs CVE-2021-31727 and CVE-2021-31728. The vulnerability stems from incorrect access control in zam64.sys and zam32.sys, enabling a non-privileged process to obtain a handle to \.\ZemanaAntiMalware and issue IOCTLs (notably 0x80002010, 0x80002014,...
CVE-2018-6593
CVE-2018-6593 corresponds to MalwareFox AntiMalware 2.74.0.150. The local privilege escalation arises from improper access control in zam32.sys and zam64.sys: a non-privileged process can register with the driver by connecting to the filter communication port and issue IOCTL 0x8000204C to .\\Zema...
CVE-2018-6606
MalwareFox AntiMalware 2.74.0.150 contains a local privilege escalation flaw in the zam32.sys and zam64.sys drivers. A non-privileged process can register itself with the driver by sending IOCTL 0x80002010, then elevate privileges via IOCTL 0x8000204C to the .\ZemanaAntiMalware interface. Public ...