CVE-2024-24245

2024-04-0900:00:00

mitre

github.com

canimaan software ltd

clamxav

privilege escalation

AI Score

6.9

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fixed in v.3.6.2 allows a local attacker to escalate privileges via the ClamXAV helper tool component.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:canimaan:clamxav:*:*:*:*:*:*:*:*"
    ],
    "vendor": "canimaan",
    "product": "clamxav",
    "versions": [
      {
        "status": "affected",
        "version": "3.1.2",
        "versionType": "custom",
        "lessThanOrEqual": "3.6.1"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

www.clamxav.com/version-history/